Maritime Computer Emergency Response Team ADMIRAL dataset

Publicly disclosed information for this event

Index Number: 2010_002
Title: Wi-Fi remote access on a shipowner IT system for two years enabled hackers to gather ships routing [...]

Day: XX
Month: N/A
Year: 2010
Country: Greece
Activity: Shipowner
Incident Type: Intrusion

Summary

The victim, a Greek shipping company, operates shipping routes particularly in challenging waters such as the Gulf of Aden, Somalia.

According to sources, between 2010 and 2011, this company experienced an unusually high number of successful (physical) piracy attacks while navigating through the Gulf of Aden. Upon investigation, it was uncovered that hackers, believed to be commissioned by pirates, infiltrated the company's systems. The primary aim of this unauthorized access was to obtain detailed ship routing plans, which enabled pirates to identify the most vulnerable ships and precisely time their passage through high-risk areas. After analysis, the breach's origin was traced back to Wi-Fi-enabled light bulbs, a recent addition to the company's office infrastructure.

It seems that the failure to change default credentials on these smart devices facilitated unauthorized access, leading to operational, financial, and reputational damages.

Victim

N/A

Claimed/Reported Threat Actor

N/A

Origin

Cybercrime

Main impact

Confidentiality

References

Recommendations to Shipowner to reduce Intrusion risks:

  • Implement strong access controls and authentication mechanisms to limit unauthorized access, such as Multi Factor Authentication.
  • Regularly update and patch software and systems to address known vulnerabilities.
  • Use Network Intrusion Detection Systems (NIDS) to monitor and block suspicious activities.
  • Segment your network to limit lateral movement by attackers in case of a breach.
  • Educate your employees about phishing attacks and social engineering tactics to prevent credential theft.
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Thursday, 10th October 2024.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2024.