Multi-National Logistics Organizations Discovers Gaps in Security

Overview

Logistics organizations have A LOT to deal with in terms of cybersecurity and legacy systems. From shipping software to onboard maritime navigation, they have various types of systems they need to secure properly. Fortunately for this multi-national logistics firm, FalconOps was able to identify gaps in their security, through penetration testing, that a hacker could have exploited.

Around the World in 60 milliseconds

Penetration testing an organization with systems in Hong Kong, New York, California, and intermediary points presents a challenge in terms of client data being transmitted over potentially insecure links. In addition, the latency between testing equipment and the client network can potentially have detrimental effects on testing.

However, in this case, we were able to overcome those by shifting our infrastructure to key positions that would allow for a seamless test.

I can't wait to see what you found... I have a few ideas...

Our team quickly enumerated and discovered a VPN (Virtual Private Network) system that was misconfigured to allow Aggressive Mode. This means that we were able to obtain a hash of the PSK (Pre-Shared Key) to the VPN appliance. From there, we were able to crack the hash using our extensive hash-cracking hardware.

A way into the network - or not? 

Our team put the VPN vulnerability on the backburner while the hash was being cracked. However, the environment did not reveal to have any other vulnerabilities that would be easily exploited by an attacker. Aside from a few things (like a security camera without authentication), we were thankful the organization had taken steps to identify their gaps - prior to testing.

In the end, we were able to exploit the VPN issue to gain further access to the network and the client was extremely thankful for the feedback and recommendations to fix the issue.

Our Cybersecurity Suggestions for Logistic Organizations

We have a few basic controls that we strongly suggest to mitigate a large number of the common attack vectors:

• Penetration Testing (or at a minimum vulnerability scanning quarterly) at least once a year for both external and internal systems.
• Multi-Factor Authentication to access network resources and sensitive student information (VPNs/Office 365/Sensitive Client Software)
• Managed Detection and Response on all critical systems and user systems accessing client information (we offer this as a service starting at $15 per system, per month, with no minimum system count)
• Phishing & Security Awareness training for all users, no exceptions

While there are plenty of other suggestions, we believe these will give you the biggest "bang-for-your-buck"

Ready to Start? Contact Us!

Our team is composed of former NSA analysts and operators. We have the know-how and will ensure the best price compared to other comparable organizations.

‍