In a recent e-mail to colleagues in maritime and supply chain security, Stephen Caldwell of the GAO shared information regarding the use of cyber hackers to facilitate drug trafficking.
Caldwell advised:
The traffickers employed hackers, who broke into the port terminal system and modified information on selected containers that were used to ship drugs. This allowed the traffickers to remove the cargo containers from the port in what looked like a legitimate pickup. The container terminal in Antwerp started to get suspicious because of the growing number of containers that seemed to “disappear” from the port area.
It does not take too much imagination to see that this same type of scheme might be used in an attempt to smuggle in other items, potentially terrorist contraband such as Weapons of Mass Destruction, into a port, and out the gate. The potential vulnerability of port facilities and processes to cyber attacks has been a growing concern to me. It was one of the reasons I worked with Congress to request a GAO research study on cyber security in seaports. That report is now in draft and should be out later this Spring.
According to the BBC, cocaine and heroin were hidden amongst legitimate cargoes of timber and bananas shipped from South America. Once hackers gained access to computer data, truck drivers could take the containers before the legitimate owners arrived to claim the cargo. Container companies out of Antwerp have changed their IT security measures.
The full BBC article can be obtained by clicking here.
The message by Mr. Caldwell is heavily applicable to the newly relased USCG ALCOAST 122/14, which can be read by clicking here. To summarize, cyber related vulnerabilities are a growing portion of the total risk exposure facing the Marine Transportation System (MTS). The Coast Guard is working to develop the tools and policies that will enable us to identify, evaluate, and address those risks, and to incorporate those policies into our existing operations and activities. The purpose of this ALCOAST is to provide guidance to Coast Guard field units on emerging tools and policies that address MTS related cyber security risks, and to outline our intentions to grow that capability in the future.
According to ALCOAST 122/14, the Winter 2014-2015 edition of The Coast Guard Proceedings publication will focus on cyber.
A video of a Europol official explaining how the Antwerp hacking worked can be viewed below.
