A large-scale cyberattack has successfully targeted major oil terminals across Western Europe, sources have confirmed. Ports in Germany, Belgium, and the Netherlands fell victim to the attack, which disrupted operations and prevented tankers from delivering energy supplies. It comes at a time when oil prices are surging, causing a headache for European policymakers.
Jelle Vreeman, a senior broker at Riverlake in Rotterdam, told AFP that several terminals were disrupted. “Their software is being hijacked and they can’t process barges. Basically, the operational system is down,” he added.
Officials say the cyberattack started several days ago. Belgian and German authorities opened an investigation, with the latter suspecting it was a ransomware attack.
Oil Terminals Not a Well-Oiled Machine
Hackers were able to hit some of the biggest oil terminals in Europe this past week. Port cities in Germany, Belgium, and the Netherlands all suffered from the cyberattack, including Antwerp, Ghent, and Hamburg.
German prosecutors were the first to launch an investigation into the matter on Wednesday after two companies fell victim to a cyberattack. Oiltanking Deutschland GmbH and Mabanaft used their force majeure card, an emergency legal clause for when companies cannot meet their contract terms because of an unforeseen event.
“We are committed to resolving the issue and minimizing the impact as quickly and effectively as possible,” the oil supply companies said in a joint statement. Arne Schoenbohm, head of Germany’s IT security agency, told the media that the incident was “not grave.”
Belgian authorities soon followed their German counterparts after an attack on at least two energy companies. Public prosecutor’s office official in Antwerp Kristof Aerts did not confirm whether both attacks were linked, but it “will be certainly looked at.” There weren’t any sufficient details about the attack, but it seems that damage is minimal.
An investigation by the Federal Computer Crime Unit has started.
Kristof Aerts, official at the public prosecutor’s office in Antwerp
A cross-border trading hub between Amsterdam-Rotterdam and Antwerp was also on the receiving end of a cyberattack. The Dutch National Cyber Security Centre said the hackers most probably had a “criminal motive,” which could indicate a ransomware attack.
BlackCat Ransomware the Culprit
German newspaper Handelsblatt quoted an initial report by German security services, in which they claim that the attackers used the BlackCat ransomware. This malware tool emerged in November 2021 and became quite popular among cybercriminals because it charged lower commission fees than its competitors. It helps hackers take control of target systems through sophisticated attacks.
It is not yet clear whether the attackers have made any demands in exchange for the stolen data. But their actions caused disruptions in energy operations and delivery of supplies, at a sensitive time as well.
Oil prices reached a seven-year high amid political tensions with Russia, a major gas supplier. European policymakers fear that rising energy bills could fuel inflation across the continent.
