Russian energy giant Rosneft fell victim to a cyberattack at its branch in Germany late last week. Die Welt newspaper reported the news on Sunday, citing the country’s cybersecurity watchdog, BSI. It added that even though there was no impact on the company’s business or supply operations, the attack did compromise Rosneft’s systems.
The hacking incident occurred late on Friday night or early Saturday morning, BSI confirmed, offering immediate support to Rosneft. The watchdog also sent out new advisories warning other organizations in the energy sector to take proper cybersecurity measures.
Rosneft Cyberattack Details – Who Is Responsible?
Reports surfaced on Sunday that the German branch of Rosneft, a Russian energy giant, suffered a cyberattack. Following media coverage from news outlets Die Welt and Der Spiegel, BSI officials confirmed that the incident took place. They added that Rosneft Deutschland reported the attack on Saturday morning.
Hackers infiltrated the subsidiary’s IT systems, forcing it to take them offline. However, refineries and pipelines remained operational as usual. The BKA federal criminal police launched an investigation, with hacking group Anonymous being the primary suspect.
The cyber gang previously warned that it was going to launch attacks against Russian companies following the invasion of Ukraine. On Friday, they published a statement claiming responsibility for the attack on Rosneft, saying they stole 20TB of data. The hackers also added that they don’t want to target Russian energy companies directly because several nations rely on their oil and gas.
But Rosneft Germany is interesting enough.Anonymous hacking group
Igor Sechin, Rosneft’s chief executive, is a close ally to Russian President Vladimir Putin. Also, Gerhard Schroeder, former German Chancellor, acts as chairman of the board of directors and has received waves of criticism for his role.
A quarter of Germany’s crude oil imports are through Rosneft Deutschland, which has stakes in three refineries in the country.
Cyberwar – New Form of Warfare
A new type of warfare has emerged in recent years: cyberwar. State-sponsored hackers target enemy government entities or key private institutions like banks and energy companies. After infiltrating their systems, they install malware to spy or steal valuable data. We witnessed it firsthand in the war on Ukraine.
A few days before the invasion, Ukraine suffered the largest-of-its-kind DDoS attack that targeted the Ministry of Defense, army, and state banks. Cybersecurity experts and state officials accused Russia of being responsible, saying that a cyberattack on infrastructure facilities would cripple communications networks.
Moreover, a phishing campaign targeted European countries offering aid to Ukrainian refugees. According to several reports, the attackers belonged to a hacking group called Ghostwriter, a.k.a. TA445 or UNC1151, which had links to the Belarus government, an ally of Moscow. They aimed to disrupt refugee aid and gather intelligence on “the movement of funds, supplies, and people within NATO member countries.”
Even the Anonymous group claimed responsibility for the cyberattacks on the Kremlin, the Russian ministry of defense, the parliament, and pro-Russian state media.