Huge container ships and cargo planes - essential in today's global economy - can now be stopped by a new generation of cyber warriors instead of sea pirates.

“The reality is that, like any digital system, an airplane or a ship can be hacked,” David Im, principal security researcher at Kaspersky told CNBC.

Hackers are increasingly turning their eyes to some of the biggest things humans can build and traverse the oceans, as demonstrated by the US government during a "pen test" exercise on a Boeing in 2019.

Logistics hack

It is often easier to penetrate companies operating in ports and airports than to gain access to an actual aircraft or ship.

Last December, German company Hellmann Worldwide Logistics said its operations were affected by a phishing attack.

Phishing attacks involve sending scam messages designed to trick people into delivering sensitive information or downloading malware.

The company, which provides air freight, ocean freight, road, rail and contract logistics services, had to stop making new reservations for several days.

It is not clear exactly how much loss she suffered as a result.

Hillman's chief information officer, Sami Awad Hartmann, told CNBC that the company immediately tried to "stop the spread" when it realized it had fallen victim to a cyber attack, and the company shut down its data centers around the world and shut down some of its systems to limit the spread.

"One of the tough decisions we then made when we saw that we had some systems infected was to disconnect from the Internet, as soon as you take that step, you stop. You're not working anymore," Hartmann added.

He noted that everything had to be done manually and back-up plans started to ensure business continuity, adding that some parts of the business were able to handle this better than others.

He said the hackers had two main goals, the first to encrypt the system that Hillman was working on and the second to steal data and use it to blackmail the company with a ransom demand.

Hellmann is working with legal authorities to try to determine who was behind the cyber attack, and Hartmann said there was some speculation but no definitive answers.

Internet hackers have targeted a number of shipping companies in the past years (Reuters)

NotPetya attack

The notorious “Not Petya” attack in June 2017, which affected several companies including the Danish container shipping company Maersk, also highlighted the vulnerability of global supply chains.

Maersk first announced that it had been hit by NotePetia in late June 2017 with a ransomware attack that prevented people from accessing their data unless they paid a ransom in bitcoin.

“We experienced a cyber attack that primarily affected the lines of Maersk, APM Terminals and Damco,” Maersk CEO Soren Skou said in a statement in August 2020. Business volumes were negatively impacted for two weeks in July, as a result of Therefore, our results for the third quarter will be affected. We anticipate that the cyber attack will negatively affect our results by $200-300 million."

The ransomware attack took advantage of some vulnerabilities in the Windows software platform that Microsoft updated after its leak.

In a follow-up article, Gavin Ashton, an IT security expert at Maersk at the time, wrote that such attacks were inevitable, but “you should have a solid contingency plan in case the worst should happen. That doesn't mean you don't try to fight a battle." Proactively stop these attacks from the start.

In February 2020, Toll Group, the freight forwarder owned by Japan Post, was forced to shut down some IT systems after it was hit by a cyber attack.

Hackers are increasingly turning their attention to some of the biggest things that humans can build and traverse the oceans (the island)

Disguise of drug shipments

Sometimes, hackers don't necessarily look for ransom. In 2013, criminals broke into systems in the port of Antwerp in order to manipulate container traffic so they could disguise and transport drug shipments.

Once the hackers got into the correct systems, they changed the location and delivery times of the containers containing the drugs.

The smugglers then sent their drivers to pick up the shipping containers laden with the drugs before the legitimate carrier could collect them.

The hackers used phishing attacks and malware directed at port authority workers and shipping companies to gain access to the systems.

The entire scheme was revealed by the police after the shipping companies discovered that something wasn't right.