This is according to a recent report in Verizon’s Data Breach Digest. According to the report, “Rather than spending days holding boats and their crew hostage while they rummaged through the cargo, these pirates began to attack shipping vessels in an extremely targeted and timely fashion. Specifically, they would board a shipping vessel, force the crew into one area and within a short amount of time they would depart. When crews eventually left their safe rooms hours later, it was to find that the pirates had headed straight for certain cargo containers.”
Eventually this led to the shipping company to realize that the pirates had some knowledge beforehand of where certain valuables were kept and what the contents on the ships were, which also led to them to discover that they had been hacked. It seems that a malicious web shell had been uploaded to the servers of the shipping company, which allowed the pirates to download data from the company, like shipping manifests and whatnot.
This is admittedly rather creative for the pirates, but it seems that they weren’t particularly skilled. The report reads, “These threat actors, while given points for creativity, were clearly not highly skilled. For instance, we found numerous mistyped commands and observed the threat actors constantly struggled with the compromised servers.” Regardless, we expect that they should improve in time, which we can only imagine will now be a new issue shipping companies will have to face.
. Read more about