Cyber-Attacks Hobble Some of Europe’s Largest Ports
Oil terminals in some of Europe’s biggest ports appear to have been disrupted by ransomware, according to reports.
A broker in the region told AFP that the attacks are disrupting the oil supply chain.
“There was a cyber-attack at various terminals, quite some terminals are disrupted,” Jelle Vreeman, senior broker at Riverlake in Rotterdam, told the newswire.
“Their software is being hijacked, and they can’t process barges. Basically, the operational system is down.”
The Amsterdam-Rotterdam-Antwerp oil hub, which spans ports across the Netherlands and Belgium, is believed to have borne the brunt of the attacks. AFP cited local Belgian reports that logistics and storage firm SEA-Tank Terminal is one of those impacted in Antwerp.
According to a separate report from The Associated Press, at least two energy companies in the Belgian ports of Antwerp and Ghent were hit by cyber-attacks, with the government’s Federal Computer Crime Unit opening an investigation.
This follows reports earlier this week that two German oil logistics firms were struck by ransomware: Oiltanking GmbH Group and Mabanaft Group.
Both companies were forced to declare force majeure, a legal clause used in emergencies when companies cannot fulfill their contractual obligations.
However, the head of Germany’s federal office for information security, Arne Schönbohm, is quoted as saying the incident is serious but “not grave.”
Anglo-Dutch oil giant Shell has already admitted it has been forced to reroute supplies due to the incident.
The news has uncomfortable echoes of the Colonial Pipeline attack in May 2021, which crippled oil supplies up and down the US east coast for days, leading to queues at gas stations.
This time the culprit, at least in the attacks in Germany, appears to be BlackCat (aka “alphv”), a relatively new ransomware-as-a-service variant.
More Stories
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google...
Friday Squid Blogging: Sunscreen from Squid Pigments
They’re better for the environment. Blog moderation policy. Read More
Compromising the Secure Boot Process
This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than...
Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Synnovis has rebuilt “substantial parts” of its systems following the Qilin ransomware attack on June 3, enabling the restoration of...
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
CrowdStrike has acknowledged the claims by the USDoD hacktivist group, which has provided a link to download the alleged threat...
CrowdStrike Falcon Outage Exploited for Social Engineering
Cyber threat actors are exploiting the CrowdStrike Falcon outage to conduct social engineering attacks. Here's what the CIS CTI team...