Police warning after drug traffickers' cyber-attack

Eugen Leitl eugen@leitl.org
Fri Oct 18 07:55:46 PDT 2013


Eat your heart out, William Gibson.

http://www.bbc.co.uk/news/world-europe-24539417

Police warning after drug traffickers' cyber-attack

By Tom Bateman

Reporter, Today programme

Drug traffickers hacked into the computer controlling shipping containers at
the port of Antwerp

Earlier this year drug traffickers hacked into the computer controlling
shipping containers at the port of Antwerp

The head of Europe's crime fighting agency has warned of the growing risk of
organised crime groups using cyber-attacks to allow them to traffic drugs.

The director of Europol, Rob Wainwright, says the internet is being used to
facilitate the international drug trafficking business.

His comments follow a cyber-attack on the Belgian port of Antwerp.

Drug traffickers recruited hackers to breach IT systems that controlled the
movement and location of containers.

Police carried out a series of raids in Belgium and Holland earlier this
year, seizing computer-hacking equipment as well as large quantities of
cocaine and heroin, guns and a suitcase full of cash.

Fifteen people are currently awaiting trial in the two countries.

Mr Wainwright says the alleged plot demonstrates how the internet is being
used as a "freelance marketplace" in which drug trafficking groups recruit
hackers to help them carry out cyber-attacks "to order".

"[The case] is an example of how organised crime is becoming more
enterprising, especially online," he says.

A Europol official tells Tom Bateman how traffickers hacked into the IT
system at Antwerp port "We have effectively a service-orientated industry
where organised crime groups are paying for specialist hacking skills that
they can acquire online," he adds.

Vanishing containers

The attack on the port of Antwerp is thought to have taken place over a
two-year period from June 2011.

Prosecutors say a Dutch-based trafficking group hid cocaine and heroin among
legitimate cargoes, including timber and bananas shipped in containers from
South America.

The organised crime group allegedly used hackers based in Belgium to
infiltrate computer networks in at least two companies operating in the port
of Antwerp.

The breach allowed hackers to access secure data giving them the location and
security details of containers, meaning the traffickers could send in lorry
drivers to steal the cargo before the legitimate owner arrived.

Workers were first alerted to the plot when entire containers began to
disappear from the port without explanation.

"These criminal organisations always look for a new way to get drugs out of
the harbour," says Danny Decraene who heads the Antwerp organised crime unit
of the Belgian Federal Police.

Bag of cash seized by Belgian police

This suitcase, containing 1.3m euros, was seized by Belgian police during
raids on drug traffickers

"In this case they hired hackers [who were] very high level, intelligent
guys, doing a lot of software work," he adds.

He says the operation to hack the port companies took place in a number of
phases, starting with malicious software being emailed to staff, allowing the
organised crime group to access data remotely.

When the initial breach was discovered and a firewall installed to prevent
further attacks, hackers broke into the premises and fitted key-logging
devices onto computers.

This allowed them to gain wireless access to keystrokes typed by staff as
well as screen grabs from their monitors.

Assault rifle attack

Mr Decraene says the total quantity of drugs trafficked by the group is
unknown, but in a series of raids earlier this year police seized more than a
tonne of cocaine, with a street value of £130m, and a similar amount of
heroin.

In January a lorry driver unconnected to the plot was shot at after he had
unwittingly driven a container allegedly filled with cocaine from the
terminal at Antwerp.

The attack took place in the province of Limburg, where suspects armed with
AK-47 assault rifles fired at the driver, who was unharmed.

Following the cyber-attack in Antwerp, a joint operation by Belgian and Dutch
police resulted in raids on more than 20 homes and businesses.

Officers seized six firearms including a machine gun and silencer,
bullet-proof vests, and 1.3m euros (£1.1m) in cash inside a suitcase.

Mr Wainwright says the IT attack is consistent with a "new business model" of
organised crime activity and he says he expects this kind of cyber-security
breach to "become a more significant feature in future" of drug trafficking.

"What it means therefore is that the police need to change the way they
operate - they have to become much more tech savvy," he says.

"But also I think governments and parliaments need to help us to make sure
therefore that we have the right laws to fight back against this massive
exploitation of the internet," he adds.

Container companies operating out of the port of Antwerp say their IT
security has now been improved.



More information about the cypherpunks mailing list