Dozens of oil storage and transportation terminals globally were hacked, with firms reporting that the attacks occurred over the weekend.
Oiltanking in Germany, SEA-Invest in Belgium, and Evos in the Netherlands were all affected.
The Belgian authorities say they have launched an investigation into the cyber-attack affecting SEA-Invest facilities, including the company’s largest in Antwerp, SEA-Tank.
According to a company spokesperson, every port they operate in Europe and Africa was affected on Sunday.
Although most liquid transportation is online, the company is working on getting a backup IT system online.
The spokesperson said the company knows about the cyber-attacks against other companies but it has not yet determined if they are connected.
Oiltanking Deutschland GmbH & Co. KG has been forced to operate at a “limited capacity” but has been investigating the incident. Initial reports suggest that the attack is ransomware.
Last May, the US oil supplier Colonial Pipeline was hit by a ransomware attack, leading to multiple states declaring an emergency.
The disruption follows increasing tensions between Ukraine and Russia and as concern over rising energy prices grows.
But cyber-security experts warn against jumping to the conclusion that the multiple incidents are all linked and the result of a coordinated effort to disrupt the European energy sector.
“Some types of malware scoop up emails and contact lists and use them to automatically spam malicious attachments or links, so companies with shared connections can sometimes be hit in quick succession,”
“This is why you sometimes see sector-based or geographic-based clusters of incidents.”
Brett Callow – Emsisoft, Threat Analyst.
A possible explanation could be that all of the companies use the same software which was compromised by hackers.
Could everyone in your organisation help prevent a cyberattack such as this one? Find out in our Free Click-Prone® Test today.