A Dutch appeals court has sentenced a 44-year-old man to seven years in prison for his involvement in cyber intrusions targeting major European ports and for using those breaches to support drug trafficking operations.
The ruling was issued by the Amsterdam Court of Appeal, which reviewed a case that began with the man’s arrest in 2021. He was initially convicted a year later by the Amsterdam District Court on multiple charges, including illegal access to computer systems, attempted extortion, and assisting in the import of narcotics. Following that decision, the defendant challenged the verdict, arguing that key evidence used against him had been obtained unlawfully.
At the center of the appeal was the use of messages collected from Sky ECC, an encrypted communication platform. Law enforcement agencies in Europe gained access to the service in 2021 as part of a coordinated investigation into organized crime. That operation led to the arrest of the platform’s leadership and numerous users, with legal proceedings continuing into the following years. The defense claimed that the interception of these communications violated procedural safeguards and undermined the fairness of the trial.
The appeals court rejected those objections, stating that the defense failed to demonstrate how the collection of Sky ECC messages breached the defendant’s legal rights. As a result, most of the original findings were upheld.
However, the court did overturn one charge related to a plan to import approximately 5,000 kilograms of cocaine. Despite this, judges maintained the remaining convictions, including those tied to cybercrime and drug-related offenses.
Court findings show that the man worked with others to breach IT systems used by port operations in Rotterdam and Barendrecht in the Netherlands, as well as Antwerp in Belgium. These systems are responsible for managing logistics and cargo movement within the ports. By gaining unauthorized access, the group aimed to manipulate information so that illegal drug shipments could pass through undetected.
The intrusion was carried out by infecting internal systems at a port logistics company. Malware was introduced through USB devices that were connected by company employees. Authorities have not clarified whether those individuals were coerced, deceived, or willingly involved.
Once the malware was installed, the attacker was able to deploy remote access tools. This allowed him to extract data from internal databases and monitor information as it moved through the network, giving criminal groups operational insight into port activities.
Investigators also found that between mid-September 2020 and late April 2021, the man attempted to sell malicious software along with instructions for its use, working in coordination with others.
Taking into account the hacking activities, the facilitation of drug trafficking, the import of 210 kilograms of cocaine into the Netherlands, and attempted extortion, the court confirmed a final prison sentence of seven years.
