This write-up is for an assignment my professor gave: a case study on the Port of Antwerp. It discusses what led criminals to see the port as a prime location for smuggling goods, the tactics they used, ways to prevent such incidents in the future, and how to ensure that the companies whose services you use have the right security in place to mitigate such occurrences.
CONTRIBUTING FACTORS
The case study puts it best: “The gateway to Europe, Antwerp, is a major international port and ranks 15th of the 20 largest container ports worldwide.” That makes the ports of Rotterdam and Antwerp, two of Europe’s largest and most centrally located, attractive targets for the most aggressive organized crime syndicates. It’s like a bear finding honey in a forest. The criminals saw the potential of a port that connected all of Europe and thought it was the ideal spot to smuggle goods internationally.
Given how the port was managed, and having already attempted to use it once, the criminals concluded that the only way they could smuggle goods was by infiltrating the technology itself.
This leads to a chart presented in the article. It showed computers that required PINs to access, a vulnerability that criminally minded organizations could exploit and that plays a significant role in this case study. The port was already in the midst of one of the most sophisticated cybersecurity breaches to date. The criminals obtained the PINs through a typical phishing attack. They targeted the executives and managerial staff; they would generate a PIN and forward it to them. The PIN was used at the keypad to authorize the trucking company to pick up the container that had the smuggled goods within it. Additionally, to root themselves in the port, they decided to hire a friendly hacker. The criminal syndicate manipulated and deceived a good hacker into doing their bidding.
A PWNIE & HOW TO MITIGATE
That bidding was to create a device that would benefit them. This device is called a “pwnie”. As stated in the article: “Such devices can leverage both Cellular and WiFi networks to transmit interrupted keystrokes. Access to the port’s operational systems could allow criminals to manipulate container information such as its source, destination, date of entry, scheduled pickup, and other data that might allow unauthorized and illegal activities. the criminal gang to record log-in credentials, including passwords, of many of the port’s operational systems, including those used to track and control containers moving throughout the port. These movements span the workflow of unloading containers off the ships, placing those containers, and finally, loading the containers on rail cars, trucks, or other vessels. cellular communication devices that allowed the drug smugglers to bypass the port’s internal networks and transmit data directly to servers under the gang’s control. These devices, often referred to as “pwnies,” “minicomputers disguised as power strips and Internet routers. Such devices can easily go unnoticed in an office while intercepting network data. devices can leverage both Cellular and WiFi networks to transmit interrupted keystrokes (Kirkpatrick, Charles 2022)”. In short, it is a device that’s able to control the keypads for cargo, listen in on when trucks would come and go, and learn who was working on a given day and who wasn’t. An effective way to counteract this would be using VLANs (Virtual Local Area Networks), having an IDS (Intrusion Detection System), requiring MFA (Multi-Factor Authentication), and forcing passwords to change every 3 to 6 months. Additionally, you can train employees on social engineering, on determining what a rogue device is, and on not logging into any suspicious networks that the technology department hasn’t created for them to log in to.
PROTECTING THE SUPPLY CHAIN
The employees aren’t the only ones to blame. Companies themselves tend to look past basic compliance requirements, because they don’t have enough in the budget to accommodate them or don’t have sufficient time to do so. The ones that should be referred to are the following: the NIST (National Institute of Standards and Technology) Framework, ISO 27001 (International Standards Organization), and additionally the GDPR (General Data Protection Regulation). This allows you to monitor companies and see whether they follow these regulations. Adding to this, monitoring vendors can help ensure that occurrences like the one in this case study don’t happen to companies. Putting a few requirements in vendor contracts, such as having security in place, the right to audit, and having liability and incident documentation at the ready, ensures that companies can rely on their vendors not to put them at risk. Securing the software that is being used is important as well. Having end-to-end encryption keeps anyone from deducing what the company’s next moves are and prevents criminals from using information the company has provided against it.
PHYSICAL SECURITY MITIGATION STRATEGIES
Physical security helps deter intruders if a crime syndicate decides to run contraband through the port. Having perimeter security and access control would be ideal. For example, gated entry/exit points limit entry to the port to authorized personnel only. A license plate recognition camera on vehicles entering and exiting would be a great way to help detect any unauthorized access. This would be such a great implementation because it avoids what the case study mentions: “They were simply hired to pick up a container at the port using the compromised PIN and deliver that cargo to the address on the pick-up ticket. The driver had no idea the PIN was compromised and had no reason to believe the cargo’s destination was anything other than legitimate (Kirkpatrick, Charles 2022)”. Additionally, having cameras, sonar, radar and motion sensors would deter unauthorized personnel from entering as well. Separating public areas from operational ones and having strong security on important cargo will make the port easier to manage.
These were the ways criminals were able to get a hold of the Port of Antwerp, and ways to identify and mitigate such occurrences in the future: having companies enforce their own compliance requirements on the companies that provide services to them, ensuring that physical security is up to standard, and ensuring that employees are well trained.
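The following is an added example, not taken from the case study, showing how a license plate read at the gate can be checked alongside the pickup PIN so that a stolen PIN alone does not release a container. It assumes a process the case study does not describe: the haulier pre-registers the truck's plate with each release. The `Release` record, `gate_decision` function, key and sample values are all hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed placeholder; a real deployment keeps this key in a secrets store.
PIN_KEY = b"constructed-demo-key"

@dataclass(frozen=True)
class Release:
    container_id: str
    pin_digest: str     # keyed digest of the PIN, never the PIN itself
    booked_plate: str   # plate pre-registered by the haulier (assumed process)

def pin_mac(pin: str) -> str:
    # Keyed so a leaked release table cannot be brute-forced for short PINs.
    return hmac.new(PIN_KEY, pin.encode(), hashlib.sha256).hexdigest()

def norm_plate(plate: str) -> str:
    # LPR reads differ in case, spaces and dashes; compare a normalized form.
    return "".join(ch for ch in plate.upper() if ch.isalnum())

def gate_decision(releases, container_id, pin, lpr_plate):
    """Return (allow, reason) for one gate-out attempt."""
    rel = releases.get(container_id)
    if rel is None:
        return False, "no release on file"
    if not hmac.compare_digest(rel.pin_digest, pin_mac(pin)):
        return False, "bad PIN"
    if norm_plate(lpr_plate) != norm_plate(rel.booked_plate):
        # Correct PIN on an unexpected truck: the pattern from the case study.
        return False, "valid PIN, plate mismatch: hold and alert"
    return True, "release"

# Constructed sample data (container number, PIN and plates are made up).
RELEASES = {
    "DEMO0000001": Release("DEMO0000001", pin_mac("482913"), "1-ABC-123"),
}

if __name__ == "__main__":
    for plate in ("1 abc 123", "2-XYZ-999"):
        print(plate, gate_decision(RELEASES, "DEMO0000001", "482913", plate))
```

The mismatch branch is the one worth alerting on: a failed PIN is routine noise, while a correct PIN presented by an unbooked truck suggests the PIN itself has leaked.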
REFERENCES
Kirkpatrick, Charles (2022). Port of Antwerp Case Study – Early Examples of Cyber/Physical Threat. https://docs.google.com/document/d/1aTbWd_H_HEfFTixruiTwmJVERE5_HEkcNIZYi6pchI/edit?tab=t.0#heading=h.hkhbwi6f6k9e