Major oil terminals in some of Western Europe’s biggest ports have fallen victim to a cyberattack.
After the attack, Belgian prosecutors have launched an investigation into the hacking of oil facilities in the country’s maritime entryways, including Antwerp.
In Germany, prosecutors are investigating a cyberattack targeting oil facilities in what was described as a possible ransomware strike, in which hackers demand money to reopen hijacked networks.
According to Jelle Vreeman, senior broker at Riverlake in Rotterdam:
There was a cyberattack at various terminals, quite some terminals are disrupted. Their software is being hijacked and they can’t process barges. Basically, the operational system is down
One of the main victims seems to be the cross-border Dutch and Belgian Amsterdam-Rotterdam-Antwerp oil trading hub, where company IT systems were affected by the attack.
In Germany, two oil supply companies said they were victim to the cyberattack, declaring force majeure.
However, the head of Germany’s IT security agency, Arne Schoenbohm, said that the incident was serious but “not grave.”
Furthermpre, the German newspaper Handelsblatt, noted that an initial report from German security services identifies the BlackCat ransomware as the tool used in the cyberattack in Germany.
BlackCat first emerged in mid-November 2021 as a software tool to allow hackers to seize control of target systems and has quickly gained notoriety for its sophistication and innovation.
BlackCat has the advantage of being more lucrative than its rivals for the hackers who use it. The experts also note that BlackCat’s programmers use the Russian language, but this clue could be misleading since hackers often leave false clues to cover their tracks.
In June, US authorities recovered a ransom payment paid by Colonial Pipeline to Russia-based ransomware extortionists Darkside, who had forced the shutdown of a major fuel network.
The attack caused short-term fuel shortages and drew attention to the broader threat that ransomware posed to essential infrastructure and services.