Cyber-Attacks Hobble Some of Europe’s Largest Ports
Oil terminals in some of Europe’s biggest ports appear to have been disrupted by ransomware, according to reports.
A broker in the region told AFP that the attacks are disrupting the oil supply chain.
“There was a cyber-attack at various terminals, quite some terminals are disrupted,” Jelle Vreeman, senior broker at Riverlake in Rotterdam, told the newswire.
“Their software is being hijacked, and they can’t process barges. Basically, the operational system is down.”
The Amsterdam-Rotterdam-Antwerp oil hub, which spans ports across the Netherlands and Belgium, is believed to have borne the brunt of the attacks. AFP cited local Belgian reports that logistics and storage firm SEA-Tank Terminal is one of those impacted in Antwerp.
According to a separate report from The Associated Press, at least two energy companies in the Belgian ports of Antwerp and Ghent were hit by cyber-attacks, with the government’s Federal Computer Crime Unit opening an investigation.
This follows reports earlier this week that two German oil logistics firms were struck by ransomware: Oiltanking GmbH Group and Mabanaft Group.
Both companies were forced to declare force majeure, a legal clause used in emergencies when companies cannot fulfill their contractual obligations.
However, the head of Germany’s federal office for information security, Arne Schönbohm, is quoted as saying the incident is serious but “not grave.”
Anglo-Dutch oil giant Shell has already admitted it has been forced to reroute supplies due to the incident.
The news has uncomfortable echoes of the Colonial Pipeline attack in May 2021, which crippled oil supplies up and down the US east coast for days, leading to queues at gas stations.
This time the culprit, at least in the attacks in Germany, appears to be BlackCat (aka “alphv”), a relatively new ransomware-as-a-service variant.
More Stories
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware Read More
Paragon Spyware used to Spy on European Journalists
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is...
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of...
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple...
South African man imprisoned after ransom demand against his former employer
Lucky Erasmus and a company insider installed software without authorisation on Ecentric's systems which granted them remote access, enabling them...
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by...