Following a cyberattack on Oiltanking and Mabanaft in Germany on 29 January 2022, there are now reports that oil storage terminals in the Amsterdam-Rotterdam-Antwerp (ARA) area have also been affected.
According to Argus Media, at least six terminals, owned by SEA-Tank, Oiltanking and Evos in Antwerp and Ghent in Belgium, and in Amsterdam and Terneuzen in the Netherlands, have been affected. As with Oiltanking and Mabanaft in Germany, the cyberattack seems to have affected loading operations. Bloomberg says that an unnamed fuel broker told it that ‘numerous terminals’ are affected.
Evos told Bloomberg that it has experienced disruptions of IT services at its terminals in Terneuzen in the Netherlands, Ghent in Belgium and in Malta, but did not confirm the cause. The financial news outlet also says that it has seen an email from SEA-Tank to a customer saying that it was suffering from an unexpected outage. A broker at Riverlake told Bloomberg that several barges have been waiting for loading and discharging ‘for days.’
Meanwhile, German prosecutors are investigating the attack on Oiltanking and Mabanaft. Financial newspaper Handelsblatt reports that hackers used Black Cat ransomware, citing an internal management report by the Bundesamts für Sicherheit in der Informationstechnik (BSI – Federal Office for Information Security) to the companies.
On 7 May 2021, the Colonial Pipeline, the largest fuel pipeline in the US, which runs for 8,850 km from the US Gulf Coast to the New York Harbor area, was shut down by a ransomware attack by the Russian-linked hacker group DarkSide. The pipeline did not return to normal service until 15 May 2021. Colonial Pipeline paid the US$4.4 million (€3.9 million) ransom, but the US Department of Justice later recovered US$2.3 million of it.
(Source: Tank Storage Magazine)