A hacker attack seems to have taken place a few hours ago on the webσελίδα of the management company of COSCO and specifically of SEP S.A.
The state-owned Chinese company Cosco is known to have its subsidiary SEP SA bought the 2 jet and started 1 in October 2009 in order to become the first large-scale terminal in Greece. The company is fully controlled by COSCO and holds 5 the world leader in freight management companies. screened by the Greek media about its use as a transit center for multinational IT companies.
However, despite all the investments made by Cosco's Chinese investors, it seems that the protection of the company's IT systems, especially those that are available to the public, was almost non-existent. The Indonesian hacker, a member of the Gantengers Crew with the nickname "d3b~x" (who a few days ago also carried out a website defacement attack on a banking application company) seems to be behind the attack on the SEP S.A. website.
"d3b~x", according to information from foreign websites, proceeded to alter an internal link of the website, using a weakness that he probably identified in the website's management system. The Indonesian hackers also has a website [here]. His weakness allowed him, as we can see from the result, to post his own content on the link [here]
Screenshot of the attack you can see next, while until the time these lines were written, the SEP management team did not realize the attack.
It is worth noting that Gantengers Crew are low-level hackers, not possessing the necessary know-how for high-level attacks, while they use common tools available to anyone to carry out the alteration of websites. This makes the impact of the attack even more significant, as it appears that minimal measures were taken to protect the website from external tampering attacks, at a time when sophisticated hackers are achieving tampering and unauthorized access!
The website, although of an informative nature for the public, is located within the infrastructure of the company. It is not clear if there is aconnection with internal company systems or located in a demilitarized zone (DMZ). In any case, administrators and IT officers must immediately disable the site and investigate what access malicious hackers have accessed and if they have gained access to internal systems in the organization.