Hackers are working together to steal million-dollar diamonds

Late on a Friday afternoon in early 2015, Chris Novak got a strange call. As the director of Verizon’s investigative response team, he was accustomed to desperate corporations dialing into the group’s 24-7 hotline to stanch the bleeding caused by cybersecurity crises — credit card fraud, financial fraud, intellectual property theft. “We operate an emergency room for IT and data breach emergencies,” Novak said.
But the corporation on the other end of the line, a major Middle Eastern shipping concern, had a new one. In recent months, pirates — real pirates, in the South Pacific — had boarded a half dozen of this company’s ships and stolen millions of dollars worth of cargo.
That was a problem, but it wasn’t an unusual one, and hardly one for a data breach investigations team. No, what had the shipping company freaked out was that the pirates seemed to have advance knowledge of what was on its ships. In most cases, it can take hours or even days to go through the tens of thousands of shipping containers on a major cargo vessel, or to siphon off oil or gas.
These pirates, however, were in and out in 90 minutes. And when the ships’ crews emerged from the designated “safe rooms” in which they lock themselves during hijackings, they found that most of the cargo — cars and car parts — was untouched.
According to Matt Walje, a project officer at Stacks Beyond Piracy and the chief author of that group’s “The State of Maritime Piracy 2014” report, this degree of sophistication has come as a surprise in maritime security circles. The pirates had only opened and stolen from certain containers: the ones with diamond jewelry inside. That meant the pirates most likely had access to the ships’ manifests and bills of lading, documents that would provide the exact location of the most valuable and easy-to-move cargo on the ship.
The obvious, immediate suspicion was that the pirates had someone on the inside. But the company rechecked its employees’ backgrounds and came up short. So it turned to Verizon’s investigative response unit, based out of Basking Ridge, New Jersey, which investigates data breaches for corporate clients. On a whiteboard in their “war room,” Novak’s RISK (Research, Investigations, Solutions, and Knowledge) team wrote up a roster of everyone at the company who had access to the content management system (CMS), where all the shipping data was stored, and then systematically checked what all these employees were doing at their workstations, pulling email and other forensic evidence.
“As far back as we looked, none of these employees were doing anything out of the ordinary,” Novak told BuzzFeed News.