Cyber-Attack on Oil Firms
A cyber-attack has disrupted operations at two oil storage and logistics firms in Germany.
Oiltanking GmbH Group and Mabanaft Group said on Tuesday that they had launched an investigation into a cyber-incident on Saturday.
IT systems at both companies were affected, though the full extent of the attack is still being determined. In a statement to the Associated Press, the companies said they had hired external computer forensic specialists to discover the “full scope” of the incident.
No information has been shared yet by either company regarding the nature of the attack or its perpetrators. The companies said work is being undertaken to enable them “to restore operations to normal in all our terminals as soon as possible.”
Oiltanking GmbH Group is still operating storage tank terminals for oil, gas and chemicals in all global markets. However, the attack has forced separate entity Oiltanking Deutschland GmbH, part of Mabanaft, into “operating with limited capacity” its terminals in Germany.
The statement said that Mabanaft’s German arm had “declared force majeure for the majority of its inland supply activities in Germany.”
Speaking at a conference on Tuesday, the head of Germany’s IT security agency, Arne Schoenbohm, said that while the incident was severe, it was “not grave.”
Schoenbohm said that 1.7% of the country’s total gas stations had been impacted by the incident, making it impossible for prices to be changed or for customers to pay for gas using a credit card. Cash payments were being accepted at some of the 233 affected facilities, most of which are in northern Germany.
German news agency dpa reported that industry officials had said that the cyber-attack on the two companies did not pose a threat to the country’s overall fuel supplies.
“The timing of this coincidentally aligns with Russia having threatened to shut off its pipelines into Europe as the crisis in Ukraine continues to be tense for all involved,” observed Lookout’s senior manager of security solutions, Hank Schless.
He added: “This is the perfect example of using a high-pressure situation to create opportunity for malicious cyber-activity, which attackers do as often as they can.”
More Stories
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware Read More
Paragon Spyware used to Spy on European Journalists
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is...
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of...
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple...
South African man imprisoned after ransom demand against his former employer
Lucky Erasmus and a company insider installed software without authorisation on Ecentric's systems which granted them remote access, enabling them...
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by...