Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Publicly disclosed information for this event

Index Number:
Drug dealers hijack a Cargo Community System during two years to allow customs clearance for [...]
Day Month Year Country Activity Incident Type
XX N/A 2011 Netherlands Port Physical hijack


Ports are using IT systems to monitor and manage the movement of containers and the goods they transport. A notorious drug-smuggling operation was revealed, showcasing the potential links between cybercrime and drug trafficking. A group of traffickers commissioned "hackers" to penetrate these systems. The cyberattack aimed to ascertain the exact locations of containers, making it possible for the traffickers to discreetly retrieve narcotics mixed with genuine cargo.

According to sources, the operation unfolded over two years, starting with hackers sending malicious software via emails to staff. This was followed by more advanced methods like breaking into the premises to install key-logging devices. This modus operandi permitted them to monitor keystrokes and screen activity. While the total volume of drugs transported remains undetermined, a significant seizure included over a tonne of cocaine, worth around €130m, a suitcase containing €1.3M. A separate event that drew attention was an attack on a lorry driver, unrelated to the conspiracy, who was mistakenly believed to have transported a container filled with cocaine.

The port also had to pays amounts to compensate for the loss of containers, and to strengthen its security measures.


Port of Antwerpen

Claimed/Reported Threat Actor




Main impact



Recommendations to Port to reduce Physical hijack risks:

  • Implement physical security measures, such as access control systems and surveillance cameras.
  • Store critical hardware and data in secure, locked facilities.
  • Establish procedures for reporting lost or stolen equipment immediately.
  • Regularly conduct security audits and assessments of physical security measures.
  • Train personnel in physical security awareness and incident response procedures.
Previous Next
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Monday, 11th December 2023.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2023.