In recent years, Europe’s commercial ports have emerged as prime entry points for the illicit trafficking of cocaine, with record amounts of the drug flowing in. The story unfolds through the exploits of a Dutch hacker, hired by drug traffickers to breach port IT networks, exposing how the landscape of smuggling has evolved, becoming more sophisticated than ever.
The startling revelation came to light on February 14, 2020, when Costa Rican authorities, inspecting a shipping container supposedly filled with decorative plants, discovered a staggering 3.8 metric tons of cocaine. While the identity behind the record seizure remained concealed, Dutch police uncovered the key player’s role – a 41-year-old hacker named Davy de Valk operating from the port city of Rotterdam.
Despite claims of struggling to secure steady employment, de Valk, with a background in computer science, was found to be a skilled “black hat” hacker. He specialized in infiltrating the IT systems of major European maritime ports, selling critical information to cocaine smugglers. This marked a departure from traditional smuggling methods that relied on corrupting a long chain of port personnel. The increasing digitalization and automation of shipping logistics provided new opportunities for infiltration.
De Valk’s hacking methods, as revealed in court records and cybersecurity analyses, were surprisingly basic for the significant impact they had. His activities included monitoring container scans at the port of Rotterdam, aiding traffickers in strategically placing narcotics to avoid detection. In Antwerp, he utilized malware on a USB stick, inserted by a bribed office clerk, to gain access to data enabling drug pick-ups without drawing attention.
While de Valk charged substantial sums for his services, cybersecurity experts noted that his methods were unsophisticated, generating potential alerts if port systems were adequately equipped. Despite the simplicity of his approach, the hacker’s actions revealed alarming vulnerabilities in Europe’s ports, turning them into conduits for cocaine influx.
De Valk defended his actions, claiming he was conducting undercover research for a video game about the drug trade and providing his criminal clients with false information. The court, however, dismissed his explanation as implausible, sentencing him to 10 years in prison in 2022 for unlawful hacking and aiding and abetting cocaine trafficking.
In the weeks leading up to the Costa Rica bust, de Valk outlined his services on the encrypted chat platform SkyECC, revealing a sinister underworld where monitoring shipping container scanning histories allowed him to identify vulnerable shipping lines. He facilitated drug retrieval by canceling legitimate pick-up services and forging transport orders.
Key to de Valk’s success was his ability to access PIN codes assigned to shipping containers by shipping companies. PIN code fraud, as termed by Europol, involves illegally obtaining these codes, enabling traffickers to impersonate transport companies and retrieve cargo with ease. The simplicity and efficiency of this method led to PIN codes being sold for significant amounts on the criminal market.
De Valk’s collaboration with a man named Bob Zwaneveld revealed a deeper layer of corruption. Zwaneveld, despite an unconventional lifestyle, played a coordinating role in drug deals and collaborated with de Valk to infiltrate the Antwerp terminal, Europe’s second-busiest port. With the help of a bribed office clerk, de Valk’s malware-laden USB stick provided access to Antwerp’s container management program, allowing him to monitor containers, generate PIN numbers, and potentially clone ID badges.
While the full extent of de Valk’s activities remains unknown, European police suspect his involvement in a broader pattern of PIN code fraud facilitating the trafficking of at least 200 metric tons of cocaine through Rotterdam and Antwerp since 2018. The Europol report suggests that PIN code fraud is likely underreported, posing a significant challenge to port authorities aiming to curb trafficking through enhanced security measures and training programs.
The battle against traffickers, as noted by Jan Janse, the Rotterdam seaport’s district police chief, involves countering their ability to corrupt ports using money and intimidation. As port authorities and shipping companies seek ways to tighten security, the evolving landscape of cyber-infiltration and cocaine smuggling highlights the need for ongoing vigilance and innovative solutions to safeguard Europe’s vital ports.