Monday, September 12, 2016

Cyber Pirates - Hacking on the High Seas
On 9 September 2016, OSINT provided a vivid reminder of how malicious actors use various malware tools to obtain shipping information that is often used in pirating on the high seas or within maritime ports.  When pirates raid ships, they generally have a good idea what they're after, because shipping databases are often surprisingly insecure.  Wapack Labs have proven such with past collection and analysis.  Professional hackers break in online, steal ships' manifestos and sell them on the dark web.  This information is in support of a 2015 Wapack Labs analysis of maritime key-logged data from a European port company; the results of which resulted in suspected fraudulent activity.  This information is being supplied for your situational awareness.

Publication date:                         9 September2016

Handling requirements:               Traffic light protocol (TLP) GREEN

Attribution/Threat Actors:           Cyber Pirates

Actor Type:                                  Tier III to IV

Potential Targets:                        USA / International

Past Reporting:                            DOC-3151, DOC-3881

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.