![]() The attack on SEA-invest is not reported to have been linked and appears to have involved Conti ransomware. German paper Handelsblatt reported (link in German) it had obtained internal documents from the German Federal Office for Information Security (BSI), identifying BlackCat ransomware as being behind the Oiltanking attack. See also: Here's how the Colonial Pipeline attack happened It added that its dry bulk division did not have to cease operations and that its liquid bulk department, Sea-Tank, has been able to resume operations as of February 2. SEA-invest told The Record that it had been hit on the evening of January 30 with ransomware. All operations continue to take place in a safe manner.” There is a disruption of IT services at our terminals in Terneuzen, Ghent and Malta, which is causing some delays in execution" the company told us, adding: "The source of the disruption is being investigated. “Evos continues to operate at all its terminals. The NCSC is closely monitoring developments and will take further action if necessary.” Credit: SEA-invest.Ĭommodities specialist Argus Media meanwhile reported at least six oil storage terminals were struggling to load or unload cargo, with affected sites operated by SEA-Invest subsidiary SEA-Tank, as well as Evos and Oiltanking.Įvos confirmed in a statement to The Stack it was experiencing IT issues with its terminals at three sites. Holland's National Cyber Security Center said that the attacks do not appear to be related, nor to be linked to nation-state hackers: "The NCSC’s view is that at the moment there does not seem to be a coordinated attack and that the attacks were probably committed with a criminal motive. ![]() SAP and Onapsis also warned against ransomware threats targeting unpatched SAP installations last year. It would, however, fit with early intelligence suggesting that the BlackCat ransomware is to blame: TTPs from Palo Alto Networks show that the ransomware targets several processes and services to hinder or prevent security solutions and backups, going after backup software like Veeam and also looking for active SAP processes (searching for "APService, SAP, SAP$, SAPD$, SAPHostControl, SAPHostExec" etc. ( The Stack could not independently confirm this claim that was shared with us. SAP ERP systems were reported by markets watchers to have been affected by the attack, forcing the companies back to paper-based invoicing and other manual operational processes. (Evos only recently bought several oil storage facilities from Oiltanking.) The incidents have hit EU supply chains, affecting oil storage facilities and cargo terminals in the Amsterdam, Rotterdam and Antwerp (ARA) port region and beyond and follow an attack on German fuel storage and distribution firm Oiltanking. Local reports suggested that loading and unloading of fruit cargoes in Antwerp had been difficult since Sunday 29 January. SEA-invest, one of the world’s largest terminal operators for everything from pineapples to chemical products has also been hit according to Belgian media, with De Tijd reporting its worldwide operations were badly affected. European oil, diesel and gasoline storage company Evos has admitted "disruption of IT services" amid a wave of cyber-attacks that have hit fuel storage facilities and broader port terminal operations this week.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |