Dutch Hacker Sentenced to Seven Years for Rotterdam & Antwerp Port Cyberattacks
Published
Key Takeaways
- Prison Sentence: A Dutch national has been sentenced to seven years in prison for hacking ports in Rotterdam and Antwerp to facilitate drug trafficking.
- Attack Method: The hacker compromised a port logistics firm by using employees to install a remote access tool via USB sticks for data exfiltration.
- Insider Threat: The employee used the Sky ECC encrypted chat service to communicate and accepted a €10,000 bribe.
The Amsterdam Court of Appeal has finalized a seven-year prison sentence for a 44-year-old Dutch hacker who was found guilty of orchestrating a complex cyberattack targeting major European ports, including the Port of Rotterdam and the Port of Antwerp, between September 2020 and April 2021.
The primary motive behind the Rotterdam and Antwerp port hacking was to manipulate port logistics systems to allow for the undetected importation of narcotics, including a confirmed shipment of 210kg (463lbs) of cocaine in eight bags found in a container among a shipment of wine.
Dutch Port Cyberattack
The investigation revealed the hacker gained initial access by compromising a port logistics firm through an insider threat vector. An employee inserted a USB drive containing malware into their workstation on September 18, 2020.
The employee stated that she was approached by someone while she worked as a counter clerk at the injured party’s terminal. “She was given a Sky phone to communicate and received €10,000 (roughly $11.500) for inserting the USB drive,” an official document said.
“Only employees with the necessary login credentials could legitimately access it,” the official document said.
This action installed a backdoor for remote access, granting the attacker persistent access to the network. From there, the hacker exfiltrated critical data from databases and intercepted real-time communications to monitor and control container movements.
Evidence for the conviction was partly derived from communications on the Sky ECC encrypted chat platform, which Europol compromised in 2021. The court rejected the defendant's appeal, which argued that the evidence was obtained unlawfully. The suspect pleaded guilty to complicity in the prolonged importation of 210kg of cocaine into the Netherlands.
Implications for Port Cybersecurity
The successful infiltration of two of Europe's busiest ports highlights significant gaps in port cybersecurity. The reliance on an insider-assisted physical intrusion (USB stick) demonstrates that technical safeguards alone are insufficient.
This legal outcome sends a strong message regarding the severe penalties for such crimes. Last month, a former Coinbase support agent was arrested in India over an insider data breach.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular