Romanian high-speed acrobatic truck theft gang jailed by Paris court
A Romanian gang, dubbed the “acrobats,” who robbed trucks travelling at 90kph on French motorways, ...
Spam and ‘phishing’ emails are perpetually on the rise throughout the online universe, and the freight and shipping sector is no exception.
According to new research from CyberKeel, a maritime cyber security consultancy, 18 of the world’s largest 20 container carriers are vulnerable to a particular type of internet fraud known as “clickjacking”, which has become very popular amongst cyber criminals setting up fake websites to steal bank details.
Lars Jensen, CyberKeel chief executive told The Loadstar: “There’s not a tool you can put in place to stop people clicking the wrong links.
“There are, however, some simple tools carriers can use to make it more difficult for fake versions of their websites to be created and reduce the risks for their customers, but technically this type of cybercrime is actually an attack upon shippers.
Typically, a fraudster creates a fake version of a website a shipper arrives at via a phishing email, and once a username and password have been entered and recorded, the visitor is redirected to the genuine website and continues their business oblivious that these details have been stolen.
“A few months later there is suddenly an invoice, for say, five containers booked from X to Y, that they have never heard off,” Mr Jensen said.
He added that there were no credible statistics to indicate how widely this type of cybercrime had perpetrated the container shipping industry, “but it’s a method widely used in other fields, especially banking”.
Additionally, Israeli specialist Clearsky Cyber Security, which partners CyberKeel, this month uncovered a “large scale campaign” to impersonate shipping and banking websites, to which a New Zealand shipping company had fallen victim.
Mr Jensen continued: “Container carriers typically spend significant resources verifying the identity of a shipper before he is allowed to use the full suite of e-commerce tools. This is only natural, as such access typically results in the ability to book cargo, amend shipment information as well as submit information related to bills of lading and other freight documentation.
“It is therefore of significant concern to both carriers and shippers that relatively simple types of attack can compromise such access. Unauthorised access can, at worst, be used to steal detailed shipment information, arrange transportation for illicit cargo, make fraudulent amendments to freight documents and steal the cargo itself.”
The same research discovered that every one of the 11 maritime news sites it surveyed were vulnerable to the same risk.
As Mr Jensen noted, websites can prevent clickjacking by “using slight technical changes in their website setup”, such as using a frame-breaking functionality which can stop fraudsters framing the genuine site.
Of course, clickjacking is just one type of cyber threat to the shipping industry – a comprehensive list of other threats, how they operate and recent examples of how they have afflicted shipping can be found in a CyberKeel white paper, which found last October that 37 out of the 50 largest container shipping companies were vulnerable to what it called “relatively simple penetration attacks”.
WestJet will 'disrupt' Canada with three 737Fs, but rivals aren't scared
West coast ports suffering as US container imports plunge by 37%
Cost-cutting FedEx Express to retire MD-11s for B767s and 777s
The 'mother of all BAFs' looms for shippers as green targets advance
Carriers turn their gaze back to scrubbers as voyage results tumble
Maersk idles more ships while NOOs see a rebound in demand
Billund sees launch of Maersk Air China link – 'a start-up on steroids'
First shipper uses new land-air corridor ex-India for Bangladesh exports
CMA CGM eyes car-carrier market boom as liners are ready to invest
DSV buys in Arizona to boost services and cross-border LatAm trade
Shippers advised to give strike-hit port of Hamburg a miss
The parcel empires strike back as smaller players take stock
Comment on this article