Publicly disclosed information for this event

Index Number:

Title:

2010_002

Wi-Fi remote access on a shipowner IT system for two years enabled hackers to gather ships routing [...]

Day	Month	Year	Country	Activity	Incident Type
XX	N/A	2010	Greece	Shipowner	Intrusion

Summary

The victim, a Greek shipping company, has shipping routes particularly in challenging waters like the Gulf of Aden, Somalia.

According to sources, between 2010 and 2011, this company experienced an unusually high number of successful (physical) piracy attacks while navigating through the Gulf of Aden. Upon investigation, it was uncovered that hackers, believed to be commissioned by pirates, infiltrated the company's systems. The primary aim of this unauthorized access was to obtain detailed ship routing plans, which enabled pirates to identify the most vulnerable ships and precisely time their passage through high-risk areas. After analysis, the breach's origin was traced back to Wi-Fi-enabled light bulbs, a recent addition to the company's office infrastructure.

It seems that the failure to change default credentials on these smart devices facilitated unauthorized access, leading to operational, financial, and reputational damages.

Victim

N/A

Claimed/Reported Threat Actor

N/A

Origin

Cybercrime

Main impact

Confidentiality

Recommendations to Shipowner to reduce Intrusion risks:

Implement strong access controls and authentication mechanisms to limit unauthorized access, such as Multi Factor Authentication.
Regularly update and patch software and systems to address known vulnerabilities.
Use Network Intrusion Detection Systems (NIDS) to monitor and block suspicious activities.
Segment your network to limit lateral movement by attackers in case of a breach.
Educate your employees about phishing attacks and social engineering tactics to prevent credential theft.

Files generated on Monday, 11th December 2023.
ADMIRAL is licensed under the Creative Commons