While attacks on ships in the waters off Somalia have fallen dramatically in recent years, new hotspots in south-east Asia have emerged, causing huge worry for shipping firms that ply the waters in that part of the world.
And it doesn’t help that some of the pirates are getting smarter about the way they plan and execute the raids.
One global shipping company noticed how the seaborne criminals suddenly started to carry out their raids with far greater efficiency, but couldn’t work out why. They’d board the boats, force the crew into a single area, head straight to specific containers, nab the targeted goods, and quickly slip away.
Puzzled about the pirates’ new methods, the company contacted the Verizon RISK (Research, Investigations, Solutions, and Knowledge) Team, which carries out cyber investigations for hundreds of commercial enterprises and government agencies every year around the world.
After some research, it turned out these particular pirates were a tech-savvy bunch.
Hacking the computer systems of the unnamed shipping company, they were able to access all the information they needed to plan methodical raids as precise as they were profitable.
The pirates knew the ship, the route, the cargo, and the exact containers that held the goods they were after.
“They’d board a vessel, locate by bar code specific sought-after crates containing valuables, steal the contents of that crate – and that crate only – and then depart the vessel without further incident. Fast, clean and easy,” Verizon said in its recently published security report.
While undoubtedly more sophisticated than many of the sea-based attacks that’d gone before, these pirates evidently still had quite a bit to learn to carry out the perfect hack.
For example, they failed to use proxies to hide their network address, and even sent all of their commands over the Internet in plain text, enabling RISK to get a clear handle on the nature of the pirates’ actions.
“These threat actors, while given points for creativity, were clearly not highly skilled,” Verizon’s security team said. “For instance, we found numerous mistyped commands and observed that the threat actors constantly struggled to interact with the compromised servers.”
Having gathered enough information on the pirates’ hack, the shipping company was able to take the necessary steps to make life a whole lot harder for the pirates behind the raids, such as shutting down and rebuilding compromised servers, resetting passwords, and introducing new security procedures.
It’s not known if these particular pirates were ever brought to justice, though if not, we hope their frustration at having their cybercrime efforts thwarted hasn’t led them to revert to old-style hostage-taking methods à la Captain Phillips.
