Ports fear pirates again. For the past few days, port facilities in Germany, the Netherlands and Belgium have been the target of a cyberattack. According to the Belgian daily From Morgan, this attack targets the port of Hamburg as well as at least six oil terminals in Belgian and Dutch ports such as Antwerp and Amsterdam. A situation that disrupts oil deliveries in several major ports against a backdrop of soaring energy prices.
The case is taken seriously enough for the police cooperation agency Europol, based in The Hague, to offer its support to the German authoritiesabout this hack. In Germany, the Hamburg public prosecutor’s office has announced that it has opened an investigation against X for “extortion“. “The starting point of the procedure was a criminal complaint filed by a company victim of a ransomware attack”, specifies the Hamburg prosecutor’s office. Oiltanking, a subsidiary of the German group Marquard & Bahls specializing in oil storage, has confirmed that it has been “victim of a cyber incident affecting (his) computer systems“.
Discovered on January 29, the incident led to the outbreak of “contingency plans” at Oiltanking and Mabanaft, another subsidiary of the same group whose activities“terrestrial supply” in oil were also severely disrupted. “All parties continue to work to allow a return to normal of our operations in all our terminals as soon as possible”, Oiltanking said in a statement. It would be“deliberate sabotage” regarding “eleven Oiltanking locations in Germany”according to information from Morganwhich specifies that this operator notably supplies the giant Shell.
“System down”
On the Belgian side, the cyberattack has been disrupting the activities of the terminals of Sea-Tank, a subsidiary of the Sea-invest group whose head office is based in the city of Ghent, for many hours. The river port of Ghent as well as the Antwerp-Zeebrugge platforms (port companies now merged) are affected, which has led the Belgian courts to open an investigation.
In the Netherlands, Jelle Vreeman, a manager of the brokerage firm Riverlake based in Rotterdam, Europe’s largest cargo port ahead of Antwerp and Hamburg, describes the cyberattack as a software hack preventing the unloading of oil barges. “There was a cyberattack on several terminals, some of which were disrupted. Their software has been hacked and they can’t deal with barges. Basically, the operational system is down.underlines the broker.
According to the newspaper Handelsblatt, citing a German investigative report, the hackers behind this attack used BlackCat ransomware, discovered in late 2021 by cybersecurity experts, considered more innovative than its rivals. The principle of fraud is simple. It involves breaking into a company’s computer system to steal its data, then threatening to publish it if a ransom is not paid. According to experts, if the hackers behind BlackCat use Russian for this program, it is still not enough to attribute the hack to Russian authors, as the tactics of concealment and camouflage are common among hackers.