A soft target

17 Dec 2013
Cybercrime and international drug smuggling are now inextricably linked

Cybercrime and international drug smuggling are now inextricably linked

Ports increasingly need to focus on cyber as well as physical security needs reports Stevie Knight

Antwerp’s recent security breach and massive eight-tonne cocaine haul has raised questions: not just about how much of this stuff is getting through, but how many targeted ports simply remain unaware they are under cyber attack?

“It’s a certainty” that some port’s container stacks are being infiltrated without anyone noticing, says consultant Henk van Unnik, previously chair of Rotterdam’s Port Security Development Board and president of the International Association of Airport and Seaport Police. He adds: “A few years ago drug smuggling tended to hinge on bribery or extortion, but a port’s software is a much easier target.”

So, to get at the cases of drugs that have made their journey stashed inside legitimate containers all a criminal gang needs to do is access a port’s IT system and make a few tweaks. “The port or terminal may well not even know it’s been hit and worse, might not understand the implications even if it does realise something has happened, laying itself open to further exploitation,” explains Dan Solomon of security firm Optimal Risk.

Mr van Unnik adds: “It’s not unknown for a crime ring to change a reachstacker’s orders and get a box with its hidden suitcases of smuggled drugs to move from a restricted quarter to a more relaxed yard area.” The container still has to be opened, but the reachstacker has obligingly tucked it away behind some tall stacks. “It’s closed up again with a duplicate seal so all is apparently as before,” he says. 

Interestingly, he points out a second method the gangs use is hacking in to change the truck and driver details to one of their stooges who goes in to pick up the box. It’s an effective switch, as Antwerp knows to its cost.

 

Covert operations

But while Antwerp was alerted by ‘disappearing’ containers, it’s not always that obvious explains Mr van Unnik; some gangs will simply close the container up again with the appropriate seal, even delivering it to the right address. “It just looks like a normal load, similar to thousands of others. No-one is any the wiser.”

The reason for such subterfuge is simply to keep the route open for as long as possible: while terrorists quite often want their actions to be noticed, international usually gangs don’t.

At this point it’s worthwhile asking, how big is the actual problem – and why should a port worry? Firstly, Mr van Unnik’s draws on experience: “In my time as chief of the port police in Rotterdam, we intercepted up to 10 or 12 tonnes of cocaine, annually. But even huge hauls didn’t affect the street price, so you can only imagine how much is getting through.”

Secondly, it’s a bit like any nasty infection – don’t treat it and it will grow. Mr Solomon explains while terrorism grabs the headlines, even organised crime can have a devastating effect if you get to the point where it has undermined confidence in the system. “The minute there’s no trust in the paperwork, the minute you admit don’t know what’s in the containers, everything stops. Until you can prove you have a system that works, frankly, you have a severe problem...”

Despite this, Mr van Unnik adds that the fight is tough and not one the ports can win all the time. Still, “doing nothing is not an option” he says. “You have to do your utmost to keep the integrity of the business climate. It’s a matter of trust.”

 

Varied approaches

However, different areas have different pressures. Mr van Unnik admits that while some regions have a fairly low cyber security base and just need to upgrade their processes, others that may have very sophisticated systems are undermined by attitude. “There are places that plainly accept corruption as part of their culture, so security issues are that much harder to address,” he concludes.

Further, some regions may simply be looking in another direction. “African or Middle Eastern ports are usually going to be more worried about physical security... the budgets they do have will be focused on what they see as the high-probability issues. But that doesn’t mean that other threats go away,” says Mr Solomon.

On top of this, the drive for volume has played a part in ports’ vulnerability to cybercrime. “There’s been a lot of focus on efficiency but to an extent, this is a trade off against security,” he adds. “You only have to look at the way the systems are layered; as the software that controls it all usually lives on the same server as everything else, once hackers are in, they are in.”

Not only is the battle against international organised crime particularly tough, it’s made more difficult by the complexity of seaport environments which, unlike airports, can’t be isolated.

As Mr Solomon points out, there tends to be a fault line where the two sides, physical and cybersecurity, converge: “You don’t need a very sophisticated hack to get hold of the passwords,” he says. “If you can access key facilities, a discrete data logger can be easily planted to ‘capture’ key strokes.”

 

Open for business

However, John Kerkhof of Antwerp Port Community Systems says that the biggest issue in the fight against cybercrime has been caused by the ubiquitous nature of the internet.

He explains that hackers install malware on shipping lines’ computer systems using information culled from social networking sites. The recipient would get an apparently innocent email from a friend which quietly generated screen shots, delivering data about the pick-up codes to the criminal gang.

The reality is that fighting it is only going to get harder; he points out: “These gangs have time and money.” Unlike many ports.

Despite this, information-sharing gives ports and terminals “their most effective weapon” in the fight back, says Mr Kerkhof. Antwerp is building a security working group which is learning best practice from other professional security regimes, and it’s also getting round the table with its stakeholders.

“Further, as the gangs’ modus operandii become known, ports can check with each other and organisations like Europol and take appropriate measures.” Standards can also help, as Authorised Economic Operator or equivalent shows that logistics companies have been audited for checks and controls “which means inspections can be focused on the less secure ones”, he concludes.

But technology can be used to fight technology. As Mr Kerkhof explains: “If you can’t make a house safe, you have to make sure there is nothing in the house to take.”

So, APCS has developed a platform that leaves the pin code generation till the last moment: “The pin code is the final element in the chain, only being created when the driver requests it so there is nothing for the criminal gang to find sitting on the system.”

He adds after being trialled by Antwerp’s MSC terminal and drivers for a year the platform is about to be rolled out to other facilities, giving less for the cyber gangs to get their teeth into. 

Links to related companies and recent articles ...

DP World

view more

Antwerp Port Authority

view more