Case Study of Port Antwerp
Physical and Online Threats
Josiah Morgan
Introduction:
The progress of the advancement of technology increases each and every day. The advancement
of technology came a long way from the first industrial revolution. Original machines required
more human labor than technical labor. An example of a machine from the first revolution is the
Spinning Jenny. A machine in which using arm labor processed cotton. Nowadays we have no
use for such machines, because we are far much more advanced than we were in the 1700’s. In
today’s age not much human labor is required when it comes to technology. The advancements to
technology have been extremely beneficial to day to day life. Along with good things come bad.
With those advancements more and more cyber security threats have been created. A prime
example of cyber crime is the case study of Port Antwerp. Port Antwerp would transport
hundreds of millions of containers. Through these transports criminals would transport drugs and
illegal contraband. Eventually in 2011 with the advancement of technology criminals became
more advanced and used a more advanced way to commit their crimes. With the use of phishing
attacks criminals took over the port and had full control on when and where all shipments went.
Eventually in 2013 technology became more advanced, so did the hackers. Hackers used
keyloggers and pwnies and took over the passwords and pins of the entire system. Port Antwerp is a prime example of how with the advancement of technology will bring more and more
advanced cyber threats. This article will give you a brief history of technology and answer the
questions of how to mitigate factors to a technical challenge/threat, what pwine is and how to
mitigate it, how to protect a business from inadequate cyber security, what are techniques used
by companies to mitigate these risks, and whether of not physical security important in the world
of cyber security.
History
Technology was first revolutionized in 1760 with machines such as the spinning jenny, water
wheel, power loom, and spinning mule. During this time everything was done by hand, and
cyber security threats weren’t a thing, just physical threats. The second revolution came with the
creation of electricity and power machines. At this time technology was less reliant on man and
more self reliant. Cyber security threats still weren’t a thing at this time. The next industrial
revolution introduced computers. Along with computers cyber security threats were introduced at
this time. The fourth and last industrial revolution was the introduction of Cyber-Physical
Systems or the Internet. This revolution is part of today’s age, many cyber security threats are a
part of today’s age.
Port of Antwerp
The Port of Antwerp is a part of the shipping industry. Antwerp is the 15th largest shipping
industry port in the world. The port is used to ship and transport goods and materials through
large indestructible metal boxes. Ports like Antwerp are legitimate businesses, but that doesn’t
stop criminals from conducting illegal business within. Drug cartels and rings would sneak
illegal contraband and drugs into these boxes and transport them across countries. With the
advancement of technology Antwerp improved its security so simple criminals can’t just sneak
illegal drugs and contraband into containers. The criminals found a way around this in 2011.
Using phishing attacks criminals took over access to when, where, and what the port was
shipping. This is a show of how the advancement of technology will also bring new threats. In
2013 criminals wanted something much bigger than just a simple phishing attack. Full control of
the port is what the criminals aimed for. In the process of physically breaking into the port with
the help of keyloggers (A device that marks every move/keystroke on a device) and pwnies
(device disguised as powerstrip/router used to hack/own someone’s device). Eventually workers
at the Port of Antwerp found out about the missing containers and the criminals inevitably were
prosecuted. Again the Port of Antwerp’s cyber security risks were mitigated, and security
systems were improved.
Questions for Mitigation
Factors
When it comes to prevention of what happened at the Port of Antwerp there are plenty of factors
that could have been mitigated to prevent what happened. The number one factor is physical
security. In the beginning even before the cyber attacks criminals were physically sneaking in
drugs into the port, so it’s needless to say that this has been a problem that could have been
solved already. I think the attack in 2013 could have been prevented if the port had better
physical security, because the hackers had to break in to place the keyloggers and pwnies.
Surveillance is another factor that can be improved. Security cameras that have 24/7 view on all
the containers would prevent any of the events that occurred in 2011-2013.
Pwnies
Pwnies are hacking devices that disguised themselves as something such as a router or power
surge. These devices give hackers access to own your network. Mitigating something like this is
tricky. Having a clear distinction or label on all your devices is one way to prevent these. ALong
with that good surveillance will suffice, so you know if one of your routers of surges has been
switched out for one of these devices, and you can dispose of it right away.
Supply Chain
The events of 2013 at the Port of Antwerp were caused by a lack of security of smaller
companies in Antwerp’s supply chain. There are ways this could have been prevented. In a
supply chain to mitigate risk to the main company, other companies’ systems should not be
connected to the head’s mainframe network. Smaller companies should have their own network
that they are responsible for that way if there is an attack on them the main network is not
compromised. Also there should be a general base of security requirements for any company in
the supply chain. That way everything through all the networks is secure.
Physical security
As mentioned before, the events of 2013 at the Antwerp Port could have been prevented if there was
better physical security. Any cyber security expert should know physical security comes first. If a hacker
can do substantial damage to your system from thousands of miles away, what do you think they can do
when they have direct access to your whole network? Protecting your network physically is just as if not
more important than protecting it in the cyber world. Not only hackers, but normal criminals can damage
your system physically. If you have no physical security what’s stopping a criminal from using normal
tools to break your system and maybe access money vaults or other valuable assets.
Conclusion
After reading this article you will learn some brief history of technology, and also the story behind the
Port of Antwerp. Along with those learnings you will have learned mitigation strategies and how all the
events of Antwerp could have been prevented with better technology, and physical security. The cyber
world is evolving everyday along with that evolution of technology comes more threats. No one can truly
be fully prepared for every threat. It’s important to improve security online and physically to mitigate and
prevent any unknown threats