Merchant tanker and barge shipments in and out of Europe’s biggest oil hub have been delayed by up to a week as four storage companies work to resume operations after cyber-attacks. Since the end of last week, storage company Oiltanking and oil trading firm Mabanaft, both owned by Germany’s Marquard & Bahls, have been hit by hackers. Belgium’s SEA-TANK and Dutch fuel storage firm Evos have also been affected.
The companies have had to suspend some operations, affecting oil flows in the Netherlands, Belgium and across Germany. Researchers question whether the cyber-attacks are linked. German newspaper Handelsblatt reported that Oiltanking and Mabanaft were attacked with a ransomware program. The companies declined to comment. They declared force majeure on their German operations earlier this week and oil major Shell stepped in to re-route alternative supplies.[1]
A trusted source said fuel stations were working normally but truck loadings were still experiencing difficulties. SEA-TANK and Evos, meanwhile, have storage in and around the Amsterdam-Rotterdam-Antwerp oil hub, with their problems leading to crowding outside the port.
At least seven fuel tankers were sitting off the coast of Belgium waiting to load in Antwerp. The Port of Antwerp authority is not making any public comments.
Barges due to move fuel between ports and inland down the Rhine River are also idle. “The outages impact the entire chain because ships have had to be re-routed to other functional ports. Some barge operators have delays of around a week to move fuel inland or between refineries and depots in the area” said the market intelligence firm Insights Global said.
SEA-TANK operates five locations in the port of Antwerp. They were forced to cut capacity starting from last Sunday. Some sources are reporting the port is “back to normal but not at full speed.” SEA-TANK’s parent company SEA-Invest is not responding to media inquiries. On 4 February the port indicated it had suffered delays at its terminals in Terneuzen in the Netherlands, Ghent in Belgium and Malta. “Evos continues to operate at all its terminals …. The source of the disruption is being investigated,” a spokesperson said.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization who has long collected and analyzed cyber indicators. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
[1] https://www.hellenicshippingnews.com/oil-shipments-in-european-oil-hub-delayed-after-cyber-attacks/
Comments