A hacker attack seems to have taken place a few hours ago on its website companyof the management of COSCO and specifically of SEP S.A.
As is well known, the state-owned Chinese company Cosco through its subsidiary SEP S.A. purchased Pier 2 and started operations on October 1, 2009 with the aim of becoming the first large-scale terminal in Greece. shown by the Greek mass media informationregarding its use as a transit center for multinational IT companies.
However, despite all the investments made by Cosco's Chinese investors, it seems that the protection of the company's IT systems, especially those that are available to the public, was almost non-existent. The Indonesian hacker, a member of the Gantengers Crew with the nickname "d3b~x" (who a few days ago also carried out a website defacement attack on a banking application company) seems to be behind the attack on the SEP S.A. website.
"D3b ~ x", according to information from foreign websites, has altered the internal link of the site, using a weakness it may have identified in the site's management system. Indonesian hackers also have a website [here]. His weakness allowed him, as we see from the result, to post his own content in the link [here]
Screenshot of the attack you can see next, while until the time these lines were written, the SEP management team did not realize the attack.
It is worth noting that the Gantengers Crew are low-level hackers, lacking the necessary expertise for high-level attacks, and using common tools available to everyone for making site alterations. This makes the impact of the attack even more important, as it appears that little has been done to protect the site from external tampering attacks, while cognitive hackers are getting spoiled and unauthorized access!
The site, although informative for the public, is within the company's infrastructure. It is not clear whether there is an interconnection with internal company systems or is in a demilitarized zone (DMZ). In any case, administrators and IT managers must IMMEDIATELY shut down the website and investigate what kind of access was gained by malicioushackers and if they managed to gain access to internal systems of the organization.
