Port of Antwerp Study

Caden Reidy

11/28/2025

200T

Mrs. Duvall

Port of Antwerp overview

BLUF: The factors in this case are weak logins and passwords and phishing scams. A pwnie is a hardware implant that steals information. The ways to protect a supply chain are hiring a risk management company, monitoring important partners, and sending out a well-planned guide. The physical security mitigation strategies are background checks on new hires and things like a fence, cameras, and guards.

1. What are all the factors in this case?

A large number of factors influenced the Port of Antwerp case. The first is weak logins and passwords: once attackers gain access to people’s logins and passwords, they can silently access the systems used by the company. This was one of the most important factors in the case, because controlling a person’s account lets hackers do whatever they want if that account has high permissions in the system. There are ways to reduce the risk and chance of this happening, though. Requiring multi-factor authentication for everyone can stop almost all of these attacks on its own. In case an account is still breached, a second confirming person could also help when dealing with risky containers or changing pickup dates. Another factor is that the attackers were able to phish their way into the system and then implant malware in it. “Spear phishing attacks are similar to regular phishing attacks in that bogus emails, or sometimes text messages, are sent to employees, enticing them to click on what appears to be a legitimate link.” (Kirkpatrick, 2016) They went after the companies at the port that run the system it uses, in order to collect roles and access to new parts of that system. Malware and phishing training for employees in higher roles, who would be the ones targeted, would help against this. So would limiting access for people who do not need to see certain information, so that a single breached account can’t find its way into most of the system and its data. The last factor is that the port was not monitoring its systems. This is the most important factor in the case study, because with monitoring anything attackers do can be caught early and responded to quickly. This could limit damage across the port and its systems, which need to be up and running all the time. A well-organized log would watch for unnatural things like a lot of changes made quickly, incorrect information given to the system, and different pickup lines.
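The monitoring and second-person ideas above can be sketched as two log checks. This is an added example, not part of the original paper; the event fields, account names, and thresholds are all hypothetical.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit events; every field name and value is hypothetical.
EVENTS = [
    {"ts": "2025-11-03T02:14:00", "user": "clerk7", "action": "change_pickup", "approver": None},
    {"ts": "2025-11-03T02:14:40", "user": "clerk7", "action": "release_container", "approver": "clerk7"},
    {"ts": "2025-11-03T02:15:10", "user": "clerk7", "action": "edit_manifest", "approver": None},
    {"ts": "2025-11-03T02:16:30", "user": "clerk7", "action": "edit_manifest", "approver": None},
    {"ts": "2025-11-03T08:00:05", "user": "planner1", "action": "change_pickup", "approver": "super1"},
    {"ts": "2025-11-03T09:30:00", "user": "planner1", "action": "release_container", "approver": "super1"},
]

SENSITIVE = {"change_pickup", "release_container"}  # actions that need a second person
BURST_LIMIT = 3                                     # more changes than this ...
BURST_WINDOW = timedelta(minutes=5)                 # ... inside this window is a burst


def missing_second_person(events):
    """Sensitive actions with no approver, or 'approved' by the account that made them."""
    return [e for e in events
            if e["action"] in SENSITIVE and e["approver"] in (None, e["user"])]


def change_bursts(events, limit=BURST_LIMIT, window=BURST_WINDOW):
    """Map each account to its largest change count in any window, if above the limit."""
    by_user = defaultdict(list)
    for e in events:
        by_user[e["user"]].append(datetime.fromisoformat(e["ts"]))
    flagged = {}
    for user, times in by_user.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window forward
                start += 1
            count = end - start + 1
            if count > limit:
                flagged[user] = max(flagged.get(user, 0), count)
    return flagged


if __name__ == "__main__":
    for e in missing_second_person(EVENTS):
        print("no second person:", e["ts"], e["user"], e["action"])
    for user, count in change_bursts(EVENTS).items():
        print("burst:", user, count, "changes within", BURST_WINDOW)
```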

2. What is a pwnie and how do you mitigate a device? 

A pwnie, or hardware implant, is a small device hackers use to break into a system. It usually looks like a piece of equipment that people use often, like a router. It needs to be placed inside the port’s system, where it can track the keys typed in, watch and record what people are doing, and slowly and silently steal data from the system and transfer it out to the attackers. In Antwerp this device was watching the keys that employees and other people were typing. It was hidden in surge protectors, which allowed it to go unfound for as long as it did. One way to mitigate it is to keep and follow an inventory of every approved item, with an employee checking important areas of the port every once in a while to find devices that aren’t approved. Another is to develop ways to detect incoming attacks, whether from a new MAC or IP address or from WiFi signals taking data from the port; this would help a great deal with attacks like these. The last is limiting the abilities that employees have on systems. Instead of almost everyone having the same permissions to view or edit branches they don’t even work for, it would be better to limit each employee to just the data and access they need to complete their job. The fewer people who can see everything going on in the system, the less likely it is that someone leaks important information to attackers, and it minimizes the damage one person can do without access to other areas. “A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer’s keyboard.” (Kirkpatrick, 2016)
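The inventory check and the new-MAC detection described above can be combined into one comparison of what is seen on the network against the approved list. This is an added example, not part of the original paper; the inventory, switch port names, and MAC addresses are constructed.

```python
import re

# Constructed approved-device inventory: MAC -> (description, expected switch port).
APPROVED = {
    "00:1a:2b:3c:4d:5e": ("gate terminal 1", "sw1/3"),
    "00:1a:2b:3c:4d:5f": ("office printer", "sw1/7"),
    "00:1a:2b:3c:4d:60": ("crane controller", "sw2/1"),
}

# Constructed observations, as if exported from switch MAC tables: (port, MAC as printed).
OBSERVED = [
    ("sw1/3", "00-1A-2B-3C-4D-5E"),
    ("sw2/9", "001a.2b3c.4d5f"),      # approved printer, but on a different port
    ("sw1/7", "02:42:AC:11:00:09"),   # not in the inventory
]


def normalize_mac(raw):
    """Accept colon, dash or dotted notation; return lower-case colon form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def audit(approved, observed):
    """Compare devices seen on the network with the approved inventory."""
    report = {"unapproved": [], "moved": [], "not_seen": []}
    seen = set()
    for port, raw in observed:
        mac = normalize_mac(raw)
        seen.add(mac)
        if mac not in approved:
            report["unapproved"].append((port, mac))                  # unknown device
        elif approved[mac][1] != port:
            report["moved"].append((mac, approved[mac][1], port))     # known, wrong place
    report["not_seen"] = sorted(set(approved) - seen)                 # listed but absent
    return report


if __name__ == "__main__":
    for kind, items in audit(APPROVED, OBSERVED).items():
        print(kind, items)
```

A MAC address can be copied, and an implant that never joins the network will not appear in this report, so the periodic physical checks are still needed alongside it.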

3. How to Protect the Supply Chain?  

This question asks what the best way is for the port to protect its supply chain. As one of the largest ports in the world, it needs to be connected with a lot of people and companies to get the materials needed for many things. It also points to the Target breach in 2013 (Target is a multi-billion-dollar company) as a warning that even the best of the best can still be breached when security is lacking. One way to protect the port’s supply chain would be to hire a risk management company to track and rank how risky a certain trade or company would be. This could take away the problem of finding people to do that research themselves. Constant monitoring would make sure the port knows if, when, and what was breached, and what the port has to remove from the company’s system. The port could also build its system so that every company has its own isolated section of the port that it can access, so if one side were breached everything else would be safe. The same goes for the main system with important information and data. A well-planned guide would be sent to each and every company the port is connected to, to limit the possibilities of being hacked, and it would say what to do if the worst-case scenario does happen. A shared plan given to the port’s important partners would tell each company what to do in case of an operational breach. A joint practice with some of the willing companies would also help a lot, so people would have experience in those types of situations.

4. What are Physical Security Mitigation Strategies? 

There are many ways a company could mitigate a physical security threat. One is background checking every new hire brought into the company. While not foolproof, this could protect the company from quite a lot of possible hackers, as groups sometimes send someone to be hired there who lets them into the system once they have enough access. Next, things like a fence, cameras, and guards could help a great deal. These would stop non-approved people from getting access to important rooms like the server and network rooms.

Conclusion: As a reminder, the factors in the Port of Antwerp case are weak logins and passwords and phishing scams. A pwnie is a hardware implant that steals information. The ways to protect a supply chain are hiring a risk management company, monitoring important partners, and sending out a well-planned guide. The physical security mitigation strategies are background checks on new hires and things like a fence, cameras, and guards.