Pirates hack into shipping company’s servers to identify booty

This story is pretty sensationalized.<p>1. A container shipping company does not store the bar code of crates&#x2F;packages. I&#x27;ve easily read 100s of booking details and never seen this. At most you maybe find one booking where the customer gave too much info and the customer service person copy&#x2F;pasted too much. Anyway, either the article is talking about the container number or the hacked company is a logistics company.<p>2. If it is a logistics company, they wouldn&#x27;t know exactly where the container is on the vessel. You can ask &quot;above&#x2F;below deck&quot;, but exact details aren&#x27;t normally shared. You&#x27;d need to hack two companies if the pirates behaved like the article suggests.<p>3. Boarding a container ship isn&#x27;t that easy as a lot of them are huge.<p>4. A container might just be reachable. Hint: For some commodities special care is taken to ensure that the vessel crew can still reach it. It&#x27;s much easier to target a container after it has left a terminal and is e.g. on a truck. Note that even with full access it is better to somehow takeover a truck than to pick it up yourself; they check and your identification (passport&#x2F;drivers license) when you pick up.<p>At most this might be about some logistics company that uses small vessels. E.g. intra Asia trade. Any big company I would be surprised if the hackers would make sense of all the systems :-P<p>That said, every so often you do see news articles whereby someone within either customs or a shipping company sells the details to others. Those others then steal the goods. But not by boarding vessels though, they takeover the truck.

Hacker pirates: finally, we live in the future!<p>Aside from that though, I wonder if we&#x27;ll be seeing increasing criminal activity like this or if it&#x27;ll stay as an occasional source of funny headlines.<p>On the one hand the resources and knowledge of how to compromise a server are more accessible all the time.<p>On the other, exploited vulnerabilities are patched and the walls stay a bit higher than the cheap ladders. This will pretty much ensure that there is almost always at least a non-trivial amount of learning that needs to be done in order to profitably compromise equipment for practical purposes.<p>I&#x27;m thinking that the prevalence of basic technical savvy (roughly &quot;has strong google-fu in the service of troubleshooting&quot; or better) is going to be the largest influence on whether hacking-augmented crime increases or not.<p>My logic here is that it would happen more if more criminals knew how to go about learning how to hack since that gap between pre-built tools and practical application is always going to be there, but it&#x27;s certainly bridgeable with some curiosity.<p>More technically savvy population, more cybercrime. It makes sense, but it can also be used as a kind of fluency metric. I thereby propose the frequency of computer-aided criminal activity as a fraction of all criminal activity to be a target metric for US technology education, higher is better.

What is a booty? The urban slang &quot;booty&quot; or something else like bootleg?

The next step is to reprogramme the delivery address and have the booty sent to the pirates.

Reminds me of the hack that happened in Antwerp. Basically the mob obtained access to data through extortion of IT consultants and was able to present the correct documents at the gates and drive away with the containers before the correct truck arrived. <a href="http:&#x2F;&#x2F;www.bloomberg.com&#x2F;graphics&#x2F;2015-mob-technology-consultants-help-drug-traffickers&#x2F;" rel="nofollow">http:&#x2F;&#x2F;www.bloomberg.com&#x2F;graphics&#x2F;2015-mob-technology-consul...</a> <a href="http:&#x2F;&#x2F;motherboard.vice.com&#x2F;blog&#x2F;how-traffickers-hack-shipping-containers-to-move-drugs" rel="nofollow">http:&#x2F;&#x2F;motherboard.vice.com&#x2F;blog&#x2F;how-traffickers-hack-shippi...</a>

the Da Vinci virus is a cover up for something even more sinister...

Sound like it could have been a lot more devastating if the attackers had more (mad) skill(z). I am curious, though, why law enforcement didn&#x27;t become more involved and track them down rather than just block them.

Funnily enough, I just finished reading a short story by Brad Taylor on this very topic:<p><a href="http:&#x2F;&#x2F;www.goodreads.com&#x2F;book&#x2F;show&#x2F;18849590-black-flag" rel="nofollow">http:&#x2F;&#x2F;www.goodreads.com&#x2F;book&#x2F;show&#x2F;18849590-black-flag</a><p>Entertaining if you like reading modern special forces fiction.

&gt; &quot;These threat actors, while given points for creativity, were clearly not highly skilled...&quot;<p>Wait so a few script kiddies were able to pwn a sophisticated company&#x27;s &quot;in house CMS&quot; (as if that was ever a good idea), and these guys are smug about the fact that the Pirates made a few typos?!

To paraphrase Grace Hopper -- first actual case of software pirates being found.

I was going to make a comment about international waters and privateers ...<p>And then realized that simply closing the security hole gains them the same amount of profit.

I like the part where they point out how unskilled they are, but still managed to get the job done.

if they&#x27;re looking for booty why don&#x27;t they use a porn site?