An unnamed shipping company had its unpatched content management system hacked by sea-pirates, who then sorted the ships at sea by the value of their cargo so they could prioritize attacks and maximize the take.
The Web shell used by the attackers didn't support SSL, so all their activities were logged by the web server, enabling Verizon's RISK team to analyze their actions. Though the idea of attacking cargo ships by hacking their CMS is a sophisticated one by the standards of sea-pirates, the attackers weren't sophisticated enough to run their attacks through a VPN, enabling the RISK team to trace the attack back to the hackers' home IP address.
The RISK Team quickly narrowed down the problem to the firm's outdated custom-built CMS, which featured an insecure upload script. As the Verizon team explained, a hacker, either part of the sea pirates group or hired by them, had uploaded a Web shell via this insecure form. In turn, this shell was uploaded inside a Web-accessible directory.
To make things worse, that particular folder also had "execute" permissions, meaning the hacker could send commands to the Web shell via URL parameters and have them executed without any further exploit chaining.
Using this access to the shipping firm's database, the hacker pulled down BoLs (bills of lading), future shipment schedules, and ship routes so the pirates could plan their attack and identify crates holding valuable content.
Sea Pirates Hacked Shipping Company to Plan Attacks, Find Valuable Cargo
(Image: Container Ship, NOAA's National Ocean Service, CC-BY)
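The trail described above, script requests with command parameters landing in an upload directory and recorded in the web server's access log, is something a defender can search for directly. The following is an added example, not code from Verizon's report or the article; the directory prefixes, script extensions, log layout and sample lines are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumed for this example, not taken from the article: directory names,
# script extensions and the Apache/nginx "combined" log layout.
UPLOAD_PREFIXES = ("/uploads/", "/files/")
SCRIPT_EXTENSIONS = (".php", ".phtml", ".asp", ".aspx", ".jsp", ".cgi")
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (documentation IP ranges, invented paths).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jan/2016:10:00:00 +0000] "GET /index.php?page=schedule HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Jan/2016:10:00:05 +0000] "GET /uploads/manifest.pdf HTTP/1.1" 200 88211',
    '203.0.113.45 - - [10/Jan/2016:10:02:11 +0000] "POST /upload.php HTTP/1.1" 200 312',
    '203.0.113.45 - - [10/Jan/2016:10:02:40 +0000] "GET /uploads/img.php?c=whoami HTTP/1.1" 200 17',
    '203.0.113.45 - - [10/Jan/2016:10:03:02 +0000] "GET /uploads/%69mg.php?c=ls+-la HTTP/1.1" 200 642',
]

def script_hits_in_upload_dirs(lines):
    """Return (ip, path, status, params) for every request that targets a
    server-side script stored under an upload directory."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        url = urlsplit(m["target"])
        # Decode percent-escapes so "/uploads/%69mg.php" cannot dodge the match.
        path = unquote(url.path)
        lowered = path.lower()
        if lowered.startswith(UPLOAD_PREFIXES) and lowered.endswith(SCRIPT_EXTENSIONS):
            params = dict(parse_qsl(url.query, keep_blank_values=True))
            hits.append((m["ip"], path, m["status"], params))
    return hits

def hits_per_source(hits):
    """Count flagged requests per client address to show who drove the script."""
    return Counter(ip for ip, *_ in hits)

if __name__ == "__main__":
    flagged = script_hits_in_upload_dirs(SAMPLE_LOG)
    for ip, path, status, params in flagged:
        print(ip, path, status, params)
    print(hits_per_source(flagged).most_common())
```

A legitimate upload directory should never serve executable scripts, so any hit here is worth investigating; removing script execution from that directory closes the path the article describes.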