Copenhagen: Danish maritime cyber security specialists CyberKeel latest research shows that 18 out of the top 20 containerlines – as well as their customers – are vulnerable to a cyber attack known as ‘click-jacking’.
The attacker tricks the shipper onto a fake website wherein they simply host a perfect copy of the carrier’s genuine website. When the shipper then proceeds to enter sensitive information, such as username and password, the attacker can steal this information, and subsequently act in the name of the shipper.
CyberKeel’s CEO, Lars Jensen, commented: “Container carriers typically spend significant resources verifying the identity of a shipper before he is allowed to use the full suite of ecommerce tools. This is only natural, as such access typically results in the ability to book cargo, amend shipment information as well as submit information related to bills of lading and other freight documentation. It is therefore of significant concern to both carriers and shippers that relatively simple types of attack can compromise such access. Unauthorised access can at worst be used to steal detailed shipment information, arrange transportation for illicit cargo, make fraudulent amendments to freight documents as well as steal the cargo itself.”
