Forgot your password?
Close
typodupeerror
Crime

'Crime Rings Enlist Hackers To Hijack Trucks' (msn.com) 41

Posted by EditorDavid from the Smokey-and-the-bandits dept.
It's "a complex mix of internet access and physical execution," says the chief informance security officer at Cequence Security.

Long-time Slashdot reader schwit1 summarizes this article from The Wall Street Journal: By breaking into carriers' online systems, cyber-powered criminals are making off with truckloads of electronics, beverages and other goods

In the most recent tactics identified by cybersecurity firm Proofpoint, hackers posed as freight middlemen, posting fake loads to the boards. They slipped links with malicious software into email exchanges with bidders such as trucking companies. By clicking on the links, trucking companies unwittingly downloaded remote-access software that lets the hackers take control of their online systems.

Once inside, the hackers used the truckers' accounts to bid on real shipments, such as electronics and energy drinks, said Selena Larson, a threat researcher at Proofpoint. "They know the business," she said. "It's a very convincing full-scale identity takeover."
"The goods are likely sold to retailers or to consumers in online marketplaces," the article explains. (Though according to Proofpoint "In some cases, products are shipped overseas and sold in local markets, where proceeds are used to fund paramilitaries and global terrorists.")

"The average value of cargo thefts is increasing as organized crime groups become more discerning, preferring high-value targets such as enterprise servers and cryptocurrency mining hardware, according to risk-assessment firm Verisk CargoNet."
This discussion has been archived. No new comments can be posted.

'Crime Rings Enlist Hackers To Hijack Trucks' More

'Crime Rings Enlist Hackers To Hijack Trucks'

Comments Filter:
  • Would be in awe of this. No more having to try to slow down trucks while a guy shoots harpoons into the passenger seat and then jump into the cab to tranquilize the driver and steal the entire truck and trailer!

    • Re: (Score:2)

      by mjwx ( 966435 )

      Would be in awe of this. No more having to try to slow down trucks while a guy shoots harpoons into the passenger seat and then jump into the cab to tranquilize the driver and steal the entire truck and trailer!

      Yep, does the criminal in question look similar to Vin Diesel?

      I believe hacking into things was the plot arc of a few of the later F&F movies.

  • "It just fell off the back of a truck, I swear". Yeah okay. Anyway same thing, but with less violence.

  • such as electronics and energy drinks

    I'm pretty sure I don't understand the economics of at least one of these things that make them a theft target -- unlike something that may be making a resurgence [theregister.com].

    • Re: (Score:3)

      by EvilSS ( 557649 )
      They are easy to offload and hard to trace once you get away with the initial theft. Sell to a sketchy local distributor who sells them on to stores (convenience stores, mom-and-pop bodegas, etc.)

    • Re: (Score:3)

      by Tailhook ( 98486 )

      Yeah, the energy drinks aren't going to make anyone wealthy, but it's still a payday. The retail value of a trailer full of Red Bull is about $130,000. Figure they'll get maybe 10% of that from some retailer and you clear $13,000, tax free. Low risk, because it's not drugs or guns or whatever. Not bad for maybe a couple hours work.

      • Are you crazy?

        Red Bull is at least $3/can.

        A trailer full of Red Bull is about 70,000 cans. That's around $200K.

        Sell for 1/3rd value and you have a good year's tax-free salary from one truckload.

        • Eh, make that $370K, do a third Calin's more like $125k or so, tax free, when sold at 1/3 value.

        • Re: (Score:3)

          by tlhIngan ( 30335 )

          Red Bull is at least $3/can.

          A trailer full of Red Bull is about 70,000 cans. That's around $200K.

          Sell for 1/3rd value and you have a good year's tax-free salary from one truckload.

          They're $3/can retail. The store pays at most $2 each. Most likely $1.50 from Red Bull but there are many variables. So a trailer full of cans is around $140k if it's $2/can.

          Grocery store margins are thin - the $1 margin is used to pay for transport, storage, store operations (utilities/etectricity, staff wages, etc), so the actua

        • Re: (Score:3)

          by Tailhook ( 98486 )

          Are you crazy?

          No, I'm not. Don't be a sperg.

          Red Bull is at least $3/can.

          No, it isn't. 12oz 4pk@$10.99 = $2.75

          A trailer full of Red Bull is about 70,000 cans.

          No, it isn't. ~56,500 12oz in a 80k lbs trailer, max.

          sold at 1/3 value

          Wrong "value." Retailers don't pay retail, obviously.

    • High value, easily to sell, fungible.

    • They are like laundry detergent. They can setup booths at fleamarkets or sell on craigslist and sell them for around 50% of the retail cost. The retail prices on them are high so the theives can make a good profit selling them that way and there is almost no change of them being detected by the police.
  • Comment removed based on user account deletion

    • No. Nothing is secure.

      Nothing has ever been secure. Before the internet and after the internet, security has been an illusion.

      Consider pickpockets. They used to go for your wallet. These days, they go for your phone.
      In the past, people tried to steal money by altering checks. Now, they send you fake payment links.

      What has changed as a result of new technology, is *how* things are stolen, not *whether* they are stolen.

      • Comment removed based on user account deletion

        • Your question is posed in black and white terms, but reality is many shades of gray. There is no one threshold of security, that makes "the internet" too insecure to use. For most of us, for everyday use, the internet is secure enough.

          Security has always been, and is, an arms race. Hyundai recently provided an illustration of this arms race. Cars did not need an electronic engine immobilizer until the 1990s, when they began to be widely used. Hyundai was late to the party, leading to a spike in thefts of Hy

          • Comment removed based on user account deletion
            • Comment removed based on user account deletion

            • The problem is the bad guys may be winning the race.

              You are again painting the race as binary, black and white, as if there is just one race and just one winner.

              The reality is that there are a million different races when it comes to security, each one with a varying level of risk. Each risk has multiple potential mitigations, which will be employed by some and not by others.

              No, there is no tsunami of "bad guys winning" that will suddenly upend civilization. Water always seeks its level. The security arms race likewise always puts just enough effort into ris

              • Comment removed based on user account deletion

                • You are nit-picking irrelevant details. "Guy" vs. "guys" and "car alarms" vs. "theft deterrents" are not relevant. What is relevant is that as the risk goes up, people are motivated to increase their counter-measures. Electronics don't change that one bit. It's just a new battle front in the never-ending war for security.

                  There *is* one thing in common for every place where the "bad guys" are winning; corrupt governments. Latin America, Russia, many Asian countries. Wherever you see high crime, it's because

  • Canâ(TM)t wait to see what they do once the trucks are autonomous.

    • Yes of course, there will be criminals that take advantage of the vulnerabilities of self-driving vehicles, just as they have taken advantage of the vulnerabilities of all technologies that came before. But the automated vehicles will then be equipped with new safeguards and new countermeasures, and the arms race will go through yet another cycle.

    • Then wait until they are driverless, armed and trained to shoot.

  • If their computers don't have RGB lights that make their hacking go faster, I'm going to be disappointed.

  • Someone around me recently stole an entire truckload of chicken eggs. I think the value was over $1M. They never did find the eggs or the egg thieves, as far as I can remember.

  • Once inside, the hackers used the truckers' accounts to bid on real shipments,

    So the hackers enter bids in the name of real truckers. Don't these truckers "close the loop" on the paperwork? They didn't bid on that load, so why are they picking it up?

    • Once inside, the hackers used the truckers' accounts to bid on real shipments,

      So the hackers enter bids in the name of real truckers. Don't these truckers "close the loop" on the paperwork? They didn't bid on that load, so why are they picking it up?

      As I understand it, it's at the broker level the theft occurs. Company A hires logistics company B to deliver goods, who then arranges for the load to be picked up by a trucking firm. Some of that may get offloaded to another trucking broker, who is fake and takes the load, hires a legitimate trucker who they give a different delivery address, and the load disappears. The trucker has no idea the load is being stolen, the driver is just doing a delivery like they always do.

  • ...is no longer the thing to say?

  • It's "a complex mix of internet access and physical execution," says the chief informance security officer at Cequence Security.

    Sound like one of the heists from Neuromancer

Slashdot Top Deals

"There... I've run rings 'round you logically" -- Monty Python's Flying Circus

Close