Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday November 22 2017, @03:47AM   Printer-friendly
from the instead-of-csv-files-we-should-use...xls? dept.

Now that's cyber-terrorism:

A Suezmax container ship can hold over 10,000 TEUs or “Twenty Foot Equivalent Units”. Most containers carried are double this length – FEUs or “Forty Foot Equivalent Units” – but that still means in the region of 5,000 containers.

Only around one third of that cargo is on-deck though – most is hidden in the holds, under massive hatch covers. To get a container out from the bottom of the hold could involve removing 50 containers from that hatch cover, removing the hatch cover, then taking a further 8 containers to access the bottom of a stack.

Screw up the load plan and you create chaos. What if the load plan, which is just a CSV list or similar, is hacked and modified? No-one knows what container is where. instead of taking 24-48 hours to load and unload, it could take weeks to manually re-inventory the ship. Time is money for a ship. Lots of money. Blocking a port for a period whilst the mess is resolved incurs enormous costs and could even jeopardise supplies to an entire country.

Seems like more bang-for-the-buck than an IED [Improvised Explosive Device].


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 1, Insightful) by Anonymous Coward on Wednesday November 22 2017, @04:03AM (5 children)

    by Anonymous Coward on Wednesday November 22 2017, @04:03AM (#600038)

    tfa sounds like the plan is to simply scramble the container locations, someone that ordered widgets from China gets hoodies from Vietnam.

    Wouldn't it be more "fun" to load all the heavy containers on one side of the ship, so it rolls over?

    Of course it's no fun for me as the shipper if my cargo ends up in Davy Jones' locker.

    • (Score: 2) by edIII on Wednesday November 22 2017, @05:27AM (3 children)

      by edIII (791) on Wednesday November 22 2017, @05:27AM (#600054)

      Ummm, I would think with 5k-10k containers that if that happened you would fire the crane operators. They would be drinking beers and continuing to stack, the entire time ignoring that their containers are angling away from them and that none of them are being set down level anymore. You would have many, many, many opportunities to notice it start to turn over.

      I could only imagine that is willful ignorance, unless entirely automated.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 2) by sjames on Wednesday November 22 2017, @06:50PM (2 children)

        by sjames (2882) on Wednesday November 22 2017, @06:50PM (#600285) Journal

        More "interesting" would be loading the heavy containers on top and light containers below. A top heavy load wouldn't be visually apparent at the dock but could spell trouble in rough seas.

        • (Score: 3, Informative) by edIII on Wednesday November 22 2017, @09:06PM (1 child)

          by edIII (791) on Wednesday November 22 2017, @09:06PM (#600349)

          Another poster basically explained that it's impossible. Too many people involved getting real time reports, the cranes also weigh the cargo at the same time. You would need to fool the cranes about the weight of the cargo. Even then the poster pointed out that there are other ways to detect it before it even casts off from its moorings.

          --
          Technically, lunchtime is at any moment. It's just a wave function.
          • (Score: 2) by sjames on Wednesday November 22 2017, @09:40PM

            by sjames (2882) on Wednesday November 22 2017, @09:40PM (#600366) Journal

            That poster mis-understood the attack. The containers would contain exactly what they should, so the weights would match up with the IDs just fine. They would know exactly where they were. They would just be positioned anti-optimally for safety or unloading.

    • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @05:27AM

      by Anonymous Coward on Wednesday November 22 2017, @05:27AM (#600055)

      Wouldn't happen without a lot of other things happening first, such as hacking internal sensors, instruments on the bridge, and the brains of the people actually monitoring the vessel while it's being loaded.

      Or did you think they did it blind?

  • (Score: 2) by coolgopher on Wednesday November 22 2017, @04:14AM (1 child)

    by coolgopher (1157) on Wednesday November 22 2017, @04:14AM (#600039)

    Row, row, row your boat...

  • (Score: 2) by MostCynical on Wednesday November 22 2017, @04:41AM

    by MostCynical (2589) on Wednesday November 22 2017, @04:41AM (#600044) Journal

    http://www.wired.co.uk/article/load-a-container-ship [wired.co.uk]

    http://shipsbusiness.com/stacking.html [shipsbusiness.com]

    With the list of what needs to be considered, and the implications of getting some/all of it wrong, this attack vector must actually be quite difficult, or I suspect we'd have seen it by now (software being just a new opportunity for switching/messing with the hard copies)

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
  • (Score: 0, Redundant) by MichaelDavidCrawford on Wednesday November 22 2017, @05:18AM

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday November 22 2017, @05:18AM (#600048) Homepage Journal

    Just put all the heavy stuff on the port side, and all the lightweight stuff on the starboard side.

    The Imperial Japanese launched a battleship only to have it turn immediately upside-down.

    --
    Yes I Have No Bananas. [gofundme.com]
  • (Score: 3, Interesting) by edIII on Wednesday November 22 2017, @05:21AM (3 children)

    by edIII (791) on Wednesday November 22 2017, @05:21AM (#600049)

    Screw up the load plan and you create chaos. What if the load plan, which is just a CSV list or similar, is hacked and modified? No-one knows what container is where. instead of taking 24-48 hours to load and unload, it could take weeks to manually re-inventory the ship.

    1. Clustering. Keep containers belonging the same companies together as much as possible. Even without a list, once you find a company's container, you probably just found the rest of the containers.
    2. RFID. Since the data is programmed inside the RFID, and could be read-only, that's a hard attack vector when you have 5k-10k targets. That's assuming exactly the same RFIDS suffering from the same vulnerability. No easy central database to hack.
    3. Spray on QRCodes with max data protection. This is something that could possibly be retrofitted into the cranes themselves, allowing a tagging of each container on the top at a minimum, and ideally on three sides. Not small either, but like 3 feet wide. Big enough that a hover drone from a hundred feet up could literally read hundreds of containers at once.
    4. Automated drone inspections. Program a flight plan and automatically photograph the face of every container within view. Drones can be smaller, so even 2ft in between containers may be enough for a drone to take a high resolution picture. Photographs could be very quickly inspected and numbers, barcodes, qrcodes, RFID, whatever, could be automatically scanned.

    That's four ideas pretty fast. Technology is evolving very fast to allow us to do things like this in much faster time periods. Fuck, add some LIDAR to a specialized drone, and I bet you could re-catalog the whole ship in 72 hours WITH mapping software being able to direct you to exactly where the container is. If you used multiple drones even faster. Considering that the Orange Anus is so hell bent on border security, he might want to get these kinds of specialized inspection drones sooner than later. Unless he is so stupid he thinks we have 2 borders, or 1.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 3, Informative) by isj on Wednesday November 22 2017, @02:47PM (2 children)

      by isj (5249) on Wednesday November 22 2017, @02:47PM (#600184) Homepage

      When I worked in the shipping industry 17 years ago the cranes were starting to get cameras with OCR in them so they could pick up the container number (eg. HLCU 123456-7). I can't speak for all ports and cranes but the article's speculation "No-one knows what container is where" is unlikely. The cranes also measure the weight of each container as them lift them, and that information is sent (realtime or a few hours delayed) to the captain, the stevedore, the carrier, custom's office, etc.

      Also, the ship has sensors for pitch and roll, so if many containers have the wrong weight the captain would quickly realize it and stop the loading until it could be investigated.

      That leaves the idea of making the load top-heavy. You couldn't do that blatantly as either the crane operator, the foreman or the captain would go "why are we stowing all those heavy containers at the top?". You would have to make small changes to the weight and hope the captain doesn't get the updated bayplan before he casts the mooring.

      There was a similar discussion on the green site back in 2013: https://tech.slashdot.org/story/13/07/12/2126222/container-ship-breaks-in-two-sinks [slashdot.org]

      For those curious about shipping failures (ships, trucks, barges, planes, ...) there is a gallery: http://www.cargolaw.com/gallery.html [cargolaw.com]

      • (Score: 2) by sjames on Wednesday November 22 2017, @09:28PM (1 child)

        by sjames (2882) on Wednesday November 22 2017, @09:28PM (#600358) Journal

        The objective isn't to confuse which container is which. It's to get them loaded all wrong. One attack is to simply get them loaded in the wrong order such that a ship with multiple ports of call ends up having to unload half the cargo to get to the right container which should have loaded on top but ended up below. The weights and id numbers of each container will be correct and they'll know exactly where it is, it will just be in a bad place for unloading.

        The other is that the containers (still identified correctly) get loaded in a way that makes the load less stable. Perhaps it's noticed, but perhaps since the weights and ids all match up and they are following the instructions, they'll assume it must be safe.

        • (Score: 0) by Anonymous Coward on Thursday November 23 2017, @05:16PM

          by Anonymous Coward on Thursday November 23 2017, @05:16PM (#600717)

          Most improbable.

          They monitor the vessel, as a vessel, during loading and unloading. If the load is not up to spec, they stop loading. And quite likely, lawsuits follow because you're not talking about a coupla benjamins here.

          As for counter-optimal load schedules for efficiency, that's also highly improbable because that's also an aspect of what is checked.

          Basically, if either of those cases is screwed up large numbers of the crew and stevedores and office staff are likely to be fired or otherwise penalised. And the captain, if he lets it go, may very well find himself explaining his choices to a judge.

          It's exotic and weird, but the shipping industry is quite risk-averse, and has centuries of bad examples to draw from. Turns out, they have rules that protect them from things like drunk or overtired pilots, through to idiotic or corrupt machine operators.

  • (Score: 1) by anubi on Wednesday November 22 2017, @06:47AM (5 children)

    by anubi (2828) on Wednesday November 22 2017, @06:47AM (#600074) Journal

    Sounds very similar to a computer malware someone was telling me about once... long time ago.

    What this thing would do is covertly hide in the background, wake up once in a while to go fish through the filesystem for excel and access files, go through them and randomly change a few digits here and there, then go away for several days.

    Every few days, randomly, it would wake up and do it again.

    It was using some sort of stealth technology where neither the folder nor the file would show up until you knew precisely what he named both the folder and the file.

    Ever since I saw it, I have been extremely leery of trusting ANY operating system whose filesystem has been programmed with the ability to hide things from me.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @11:22AM (3 children)

      by Anonymous Coward on Wednesday November 22 2017, @11:22AM (#600138)

      You are aware that the DOS dir command had a documented option to also show hidden files?

      If you cannot get a hidden file shown without knowing its name, then obviously it's a case of failing to RTFM.

      Of course that assumes that those files were actually hidden through OS measures (as your description "operating system whose filesystem has been programmed with the ability to hide things from me" implies). If the files were hidden through the malware's own actions (e.g. by hijacking the DOS interrupt), that is, if the malware effectively acted as root kit, then you could not blame the operating system about it (not even about the missing protection against it, as unlike modern processors, the 8086 did provide absolutely nothing to protect against such things).

      • (Score: 1) by anubi on Wednesday November 22 2017, @12:12PM (2 children)

        by anubi (2828) on Wednesday November 22 2017, @12:12PM (#600140) Journal

        The DOS command I used for something like that was something down the line of "dir C:\*.* /as"

        I am not for sure how he was doing it, but DOS would not show it... even if I did an attrib *.* -r -a -s -h on all files.

        The only way you could find it is if you knew exactly where it was. Maybe it was some sort of unprintable character or something.

        This apparently was not the plain old DOS "hidden file" attribute. It seemed to have something to do with something in Microsoft checking for something in the filename.

        The dos "hidden" attribute seemed not for security, but to help eliminate clutter from showing system files when all you wanted to see were your data files.

        Now, this was indeed a long time ago.... but just the thought of putting something out there that did this sent shivers all up and down me.

        I remember expressing my concerns at work about this and getting dismissed like I was some sort of crackpot.

        I figured when guys were that high up the salary ladder, they did not need to concern themselves with things like this.

        --
        "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
        • (Score: 1) by anubi on Wednesday November 22 2017, @12:43PM (1 child)

          by anubi (2828) on Wednesday November 22 2017, @12:43PM (#600144) Journal

          Whoop, submitted before I completed my thoughts...

          There is a distinct possibility that the machine could have been compromised in the way you indicated.... by hijacking some interrupts. If so, I was not aware of it as I do not remember booting up on a known good DOS disk to try to list things. I remember I used to have one disk drive with known good DOS boot and malware tracking tools on it where I had disabled the write logic, by physical surgery on the PCB, diverting the write command to do nothing but trip off a 74LS123 monostable with a piezo beeper on it... that particular disk drive was completely incapable of writing to disk. So I knew no way could IT ever get infected. I could install it as the "B:" floppy.

          One of those early old-school 5 1/4" floppy drives which used a lot of discrete IC chips.

          ( I wanted to let malware *think* it was writing to the disk, but really all it did was position the head and beep the piezo. While a program like "KGB.exe" or similar small DOS tracing tools [textfiles.com] would be reporting what was executing at the time... )

          The line he was telling me is that he was playing around with odd characters in the file name which would not display - which could have been a line of bull, knowing him.

          --
          "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
          • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @01:28PM

            by Anonymous Coward on Wednesday November 22 2017, @01:28PM (#600158)

            The line he was telling me is that he was playing around with odd characters in the file name which would not display - which could have been a line of bull, knowing him.

            Well, in that case it's wrong to claim it on the design of the file system either, as those characters clearly had no place in the file names (there was a specification what characters were allowed/forbidden in file names). Possibly the OS implementation was to blame if it allowed those characters in file names against the specification; however I suspect he simply did a direct manipulation of the directory data on disk.

    • (Score: 1) by WillR on Wednesday November 22 2017, @01:51PM

      by WillR (2012) on Wednesday November 22 2017, @01:51PM (#600167)
      When you find an un-rootkit-able OS, be sure to let the rest of us know about it.
  • (Score: 2, Funny) by Anonymous Coward on Wednesday November 22 2017, @08:56AM (1 child)

    by Anonymous Coward on Wednesday November 22 2017, @08:56AM (#600111)

    Sinking ships through malicious software? That sounds quite familiar. [imdb.com]

    • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @09:31AM

      by Anonymous Coward on Wednesday November 22 2017, @09:31AM (#600116)

      Crash and burn

  • (Score: 1) by ewk on Wednesday November 22 2017, @01:51PM (2 children)

    by ewk (5923) on Wednesday November 22 2017, @01:51PM (#600168)

    Except that a container-ship in port for (say) 5 weeks probably doesn't give you as much TV coverage as a well-placed and well-timed explosion of a IED.

    --
    I don't always react, but when I do, I do it on SoylentNews
    • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @05:26PM (1 child)

      by Anonymous Coward on Wednesday November 22 2017, @05:26PM (#600262)
      And it doesn't look like it'll actually be a huge real world threat - pwn enough ships and people might actually start making backups of the load plans.

      What are the odds those computers on the ships don't ever die AND someone loses the usb drive/floppies at the same time? So some ships will probably have ways to cope with such stuff already.

      Seems more like someone learned something they didn't know before and is trying for their 15 minutes of fame.
      • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @11:24PM

        by Anonymous Coward on Wednesday November 22 2017, @11:24PM (#600418)

        So I guess it's back to TELEDILDONICS!

(1)