Antwerp

Isaiah Quinata
November 17th, 2024
CYSE200T
Professor Duvall

The Antwerp Breach and its effects on Cybersecurity.

BLUF
The Port of Antwerp Breach was one of the first instances of cyber-physical breaches to occur. These attacks were focused on the Belgian port and orchestrated by a multitude of organized crime syndicates to tamper with physical and digital systems alike. These incidents brought to light vulnerabilities within preexisting cyber systems and revealed the need for protection from physical infiltration. This situation was a pivotal moment in the history of cybersecurity and shaped the new cyber framework we have to this day.

Factors in the Antwerp Cyberattacks
The Antwerp cyberattacks were devastating and extremely effective because of a combination of external and internal factors: human error, supply chain inadequacy, and extreme physical vulnerabilities. All of these factors contributed directly to the ease of access to Antwerp’s servers, but some are far more responsible and dangerous than others. Human error is a constant issue within the field of cybersecurity because it is often unaccounted for, and employees are easily susceptible to scams if they are not trained properly. In this case, spear phishing was used against Antwerp’s workers to gain access to the port’s information systems. Supply chain inadequacy refers to a lack of security among the businesses that make up a supply chain; one weak link can cause a domino effect within an organization. While both of these issues are extremely important, the extreme physical vulnerabilities of Antwerp were the tipping point of their overall structure. With the port spanning over 50 square miles, including hotels, theaters, and preserves, the criminals had no issue infiltrating Antwerp’s offices and businesses to place multiple Pwnies. All three of these factors can be mitigated through strategies such as proper employee training and education on malware awareness, establishing necessary security requirements within a line of business, and overall physical security, including surveillance, security personnel, and electronically locked doors.

Pwnies and How to Combat Them
The physical devices used in the infiltration of the Belgian port were labeled as “Pwnies”. Pwnies are mini computers camouflaged as common office or location-specific items, such as internet routers, plugs, and power strips, and they are used to hack and infiltrate a business’s network. They have to be physically implanted by employees or intruders inside the target location to function as intended. With a multitude of hacks preloaded onto the device, they tap into a company’s network and siphon sensitive data from its internal servers onto the hackers’ personal network. Using this information, the organization behind the cyberattacks at Antwerp manipulated pick-up dates and authorization codes to seize illegal cargo they had hidden among the rest of the shipment. There are several ways to mitigate these threats, such as tighter physical security, continual monitoring of network bandwidth, and MAC filtering. Tighter physical security will directly discourage and intercept unauthorized intruders from placing Pwnies in the building. Constant monitoring of network bandwidth can also yield positive results by allowing one to check whether the data transfer rate is slower than usual because another device is hidden among the usual company-owned technology. The final mitigation technique proposed is MAC filtering, an extra layer of defense in a network which is built upon role-based access. By using designated IPs, MAC filtering can allow authorized users and devices onto the private network while simultaneously denying unauthorized IPs, such as the ones built into Pwnies (GeeksforGeeks).
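As an added example (not part of the original essay), the following Python sketch shows how the allowlist idea can be used for detection: it compares the hardware (MAC) addresses seen on a network segment with an asset inventory and reports devices nobody registered. The inventory entries, addresses, and neighbour table are constructed sample data in the layout printed by `ip neigh show` on Linux.

```python
import re

# Constructed asset inventory (hypothetical devices); formats vary as they do in spreadsheets.
INVENTORY = {"00-1A-2B-3C-4D-5E": "front-desk-pc", "001a.2b3c.4d5f": "office-printer"}

# Constructed sample in the layout printed by `ip neigh show` on Linux.
SAMPLE_NEIGH = """\
10.0.0.12 dev eth0 lladdr 00:1a:2b:3c:4d:5e REACHABLE
10.0.0.15 dev eth0 lladdr 00:1a:2b:3c:4d:5f STALE
10.0.0.77 dev eth0 lladdr 3c:22:fb:10:20:30 REACHABLE
10.0.0.90 dev eth0 lladdr 02:00:00:aa:bb:cc DELAY
10.0.0.91 dev eth0  FAILED
"""

def normalize_mac(mac):
    """Return a MAC as lowercase colon-separated hex, or None if it is malformed."""
    digits = re.sub(r"[-:.]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set (address not assigned by a vendor)."""
    return bool(int(mac[:2], 16) & 0x02)

def parse_neigh(text):
    """Yield (ip, mac) for every neighbour entry that carries a link-layer address."""
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" in fields[:-1]:
            mac = normalize_mac(fields[fields.index("lladdr") + 1])
            if mac:
                yield fields[0], mac

def audit(neigh_text, inventory):
    """Return (ip, mac, reason) for each observed device missing from the inventory."""
    allowed = {normalize_mac(m) for m in inventory}
    findings = []
    for ip, mac in parse_neigh(neigh_text):
        if mac not in allowed:
            local = is_locally_administered(mac)
            findings.append((ip, mac, "unknown, locally administered" if local else "unknown"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_NEIGH, INVENTORY):
        print(*finding, sep="\t")
```

An allowlist check like this flags unplanned devices but does not authenticate them, so a finding is a prompt to physically inspect the network port in question rather than proof either way.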

Protection from Inadequate Cybersecurity within Supply Chains
Incidents with smaller companies that participate in large supply chains can directly impact entire enterprises and affect the transfer of raw materials and finished products. An example of this is the Target data breach of 2013. The Target data breach was one of the largest security breaches in the history of cybersecurity. It resulted in the net loss of 40 million credit and debit records, 70 million customer records, and 18.5 million USD in settlement alone (Red River). Hackers breached Target’s security through a third-party vendor with a weaker cyber defense, and through this vendor they gained access to Target’s data and customer information. To combat this, companies should set the necessary security regulations for their suppliers. By communicating these requirements, companies can better trust their chain with the safety of their data. Supply segmentation is a valid response that companies use to mitigate the occurrence of breaches. Segmentation is a technique in which groups of companies within a supply chain are contained on separate networks instead of a linear model, to reduce the risk of one compromise leading to the infiltration of other, larger companies (Tripwire). This technique is used by global-scale companies such as Amazon, Walmart, and Apple (LinkedIn).

Physical Security and its Role in Cybersecurity
Physical security may seem like an irrelevant topic when it comes to the overall safety of cybertechnology; however, it is just as important as other safety measures such as firewalls. The physical security within a business protects data from unauthorized access through the use of things such as Pwnies. If physical security ceases to exist within companies, intruders can come and go, downloading data through USB drives and other personal devices. Physical breaches are a real, existing threat within cybersecurity and shouldn’t be taken lightly. The active monitoring of entering and exiting personnel is a direct solution to physical threats, alongside a careful watch for suspicious activity among employees.

Conclusion
In conclusion, the Antwerp Port breach was an important moment in cybersecurity history to look back on and learn from. With multiple security factors coming into play and many commonly overlooked vulnerabilities, the breach of Antwerp showed the world the possibility of cyber-physical threats and their potential lasting effects. Antwerp finally understood the gravity of the situation after two long years of missing shipments and slower transportation rates. Overall, mitigation is the key to an efficient company, and this includes a rapid response to things such as physical threats. This event was a turning point in the world’s view of the physical ties to cybersecurity.







References
Chukwube, J. (n.d.). How network segmentation can protect supply chains from ransomware attacks. Tripwire. https://www.tripwire.com/state-of-security/how-network-segmentation-can-protect-supply-chains-from-ransomware-attacks
Jones, C. (2022, May 3). Warnings (& lessons) of the 2013 Target Data Breach. Red River | Technology Decisions Aren’t Black and White. Think Red. https://redriver.com/security/target-data-breach
GeeksforGeeks. (2023, April 16). MAC filtering in Computer Network. https://www.geeksforgeeks.org/mac-filtering-in-computer-network/
Agrawal, A. (2023, January 17). Exploring supply chain segmentation. LinkedIn. https://www.linkedin.com/pulse/exploring-supply-chain-segmentation-aditi-agrawal
Maritime, S. (2024, August 1). Antwerp incident highlights maritime IT security risk. Seatrade Maritime News. https://www.seatrade-maritime.com/accidents/antwerp-incident-highlights-maritime-it-security-risk
