Hackers can now bring down cargo ships and airplanes

Container cargo ships sit off the shore of the Long Beach/Los Angeles port complex in Long Beach, California on Wednesday, October 6, 2021.

Jeff Gritchen | MediaNews Group | Getty Images

Armed with little more than a computer, hackers are increasingly targeting some of the biggest things humans can build.

Huge container ships and chunky cargo planes – essential in today’s global economy – can now be brought to a halt by a new generation of code warriors.

“The reality is that an airplane or a ship, like any digital system, can be hacked,” David Emm, a senior security researcher at cyber firm Kaspersky, told CNBC.

In fact, this was proven by the US government during a “pen test” exercise on a Boeing plane in 2019.

hack logistics

However, it is often easier to hack the companies that operate in ports and airports than to gain access to an actual plane or ship.

In December, the German company Hellmann Worldwide Logistics announced that its operations had been hit by a phishing attack. Phishing attacks send spoof messages designed to trick people into handing over sensitive information or download malicious software.

The company, which offers services in the areas of air freight, sea freight, road and rail as well as contract logistics, did not have to take any new bookings for several days. It’s unclear how much it lost in revenue as a result.

Sami Awad-Hartmann, Hellmann’s chief information officer, told CNBC that the firm immediately tried to “stop the spread” when it realized it had been the victim of a cyberattack.

“You have to stop it to make sure it doesn’t go any further into you [computing] infrastructure,” he said.

Hellmann, a global company, has disconnected its data centers around the world and shut down some of its systems to contain the spread.

“One of the drastic decisions we made then, when we saw that we had infected some systems, was that we disconnected from the internet,” said Awad-Hartmann. “As soon as you take that step, you stop. You don’t work anymore.”

Everything had to be done manually, and business continuity plans came into effect, Awad-Hartmann said, adding that some areas of the company could handle this better than others.

Awad-Hartmann said the hackers had two main goals. The first is to encrypt Hellmann and the second is to exfiltrate data.

“Then they blackmail you,” he said. “Then the ransom begins.”

Hellmann wasn’t encrypted because it was moving fast and closed from the internet, Awad-Hartmann said.

“Of course, once you’re encrypted, your reboot process will take longer because you may need to decrypt,” he explained. “You might have to pay the ransom to get the master keys and things like that.”

Hellmann is working with legal authorities to find out who is behind the cyber attack. There is some speculation but no definitive answers, Awad-Hartmann said.

NotPetya attack

The infamous NotPetya attack in June 2017, which affected several companies including Danish container shipping company Maersk, also highlighted the vulnerability of global supply chains.

Maersk first announced that it had been hit by NotPetya in late June this year – a ransomware attack that prevented people from accessing their data unless they paid $300 in bitcoin.

“In the last week of [second] During the fourth quarter, we were hit by a cyberattack, mainly affecting Maersk Line, APM Terminals and Damco,” Maersk CEO Soren Skou said in a statement in August 2020.

“Business volumes were negatively impacted for a few weeks in July and as a result our third quarter results will be impacted,” he added. “We expect the cyberattack to negatively impact results by $200-$300 million.”

The ransomware attack exploited certain vulnerabilities in the Windows software platform that Microsoft updated after they were leaked.

“This cyberattack was a previously unknown type of malware, and updates and patches applied to both Windows systems and antivirus programs were not effective protection in this case,” Maersk said.

“In response to this new breed of malware, AP Moller Maersk has introduced various and additional protections and continues to review its systems to defend against attacks.”

In a follow-up article, Gavin Ashton, then an IT security expert at Maersk, wrote that being attacked was “inevitable”.

“It’s inevitable that one day you’ll pull through,” Ashton continued. “And of course, you should have a solid contingency plan in place just in case the worst comes to the worst. But that doesn’t mean you don’t try to put up a damn good fight to stop those attacks in the first instance. Just because you know that bad actors are coming doesn’t mean you leave your front door open and make them a cup of tea when they walk in. You could just lock the door.

In February 2020, Japan Post-owned freight forwarder Toll Group was forced to shut down certain IT systems after suffering a cyberattack. Toll Group did not immediately respond to a CNBC request for comment.

Concealment of drug shipments

Sometimes the hackers are not necessarily looking for a ransom.

In 2013, criminals hacked systems at the port of Antwerp to manipulate the movement of containers so they could disguise and transport their drug shipments.

Once in the right systems, the hackers changed the location and delivery times of the containers holding the drugs.

The smugglers then sent their own drivers to collect the shipping containers loaded with drugs before the legitimate shipper could collect them.

The hackers used spear phishing and malware attacks targeting port authority and shipping company employees to gain access to the systems.

The whole scheme was uncovered by police after shipping companies realized something was wrong.

Awad-Hartmann said hackers have realized the importance of global supply chains, and they now know what happens when they are disrupted.

“It’s affecting the entire global economy,” he said. “You see that goods do not flow. You have gaps in the supermarkets. Of course I think the hackers see the dependency on this supply chain. And then, of course, a logistics company is a goal for them.”

He added that logistics is currently the focus as global supply chains are in the news.

“But I think it’s a general threat,” he said.

“And it’s not going away. It’s going to increase. You have to keep checking. Are you still prepared? It’s keeping us busy and costing us a lot of money.”

https://www.cnbc.com/2022/06/27/hackers-can-now-bring-cargo-ships-and-planes-to-a-grinding-halt.html Hackers can now bring down cargo ships and airplanes

Drew Weisholtz

World Time Todays is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@worldtimetodays.com. The content will be deleted within 24 hours.

Related Articles

Back to top button