/>
X

Shell forced to reroute supplies after cyberattack on two German oil companies

Two subsidiaries of German logistics firm Marquard & Bahls are struggling to respond to a cyberattack.
headshot-2.jpg
Written by Jonathan Greig, Staff Writer on

A cyberattack on two German oil suppliers has forced energy giant Shell to reroute oil supplies to other depots, according to Reuters and the Handelsblatt newspaper

Handelsblatt was the first to report on Monday that oil companies Oiltanking and Mabanaft, both owned by German logistics conglomerate Marquard & Bahls Group, had suffered a cyberattack that crippled their loading and unloading systems. Oiltanking had a throughput of 155 million tons in 2019, according to Handelsblatt.  

By Tuesday, Royal Dutch Shell said it was forced to reroute to different supply depots because of the issue. Oiltanking did not respond to requests for comment but confirmed the attack to The Stack and said they "have declared force majeure." They reportedly discovered the attack on Saturday. 

The incident follows another cyberattack on billion-dollar German logistics firm Hellmann Worldwide Logistics that took place in December.  

German officials spoke at a news conference about the issue. Arne Schonbohm, president of the Federal Office for Information Security, said the attack on Oiltanking was "serious, but not grave." 

German intelligence officials released a warning last week about APT27 using the malware variant HYPERBRO against German commercial companies. 

"According to current knowledge, the attackers have been exploiting vulnerabilities in Microsoft Exchange and in the Zoho AdSelf Service Plus1 software since March 2021 as a gateway for the attacks. It cannot be ruled out that the actors, in addition to stealing business secrets and intellectual property, also try to infiltrate the networks of (corporate) customers or service providers," German intelligence service BfV said.

"The cyber espionage group APT27 has been active since at least 2010. The BfV is currently observing an increase in attacks against German targets by the group using the HYPERBRO malware."

Rumors that the Oiltanking incident is a ransomware attack reignited concerns about attacks on oil companies. Last year, US oil giant Colonial Pipeline dealt with a devastating ransomware attack that crippled its business services and left significant parts of the East Coast without access to gas for less than a week. 

"Impacting elements of the fuel, heating, and combustibles supply chain during the winter season potentially puts human safety and wellbeing in the crosshairs -- these types of attacks underscore the very serious risks posed by criminals to foundational parts of essential services and infrastructure," said Tim Wade, technical director at Vectra. 

Related

A restaurant owner gives tech companies advice on how to retain staff
Women at a restaurant clinking their water glasses

A restaurant owner gives tech companies advice on how to retain staff

Business
Hybrid work is here to stay, so companies are spending more on security
A middle aged man in casual attire sat at his computer desk speaking to colleagues via a split-screen video chat application

Hybrid work is here to stay, so companies are spending more on security

Business
2,000 arrests in crackdown on social engineering and business email scams
getty-hacker-hands-on-a-keyboard.jpg

2,000 arrests in crackdown on social engineering and business email scams

Security