A number of European oil transport and storage companies have fallen victim to a series of coordinated cyber attacks following this week’s breach at Oiltanking in Germany. It is understood that IT systems were disrupted at SEA Invest in Belgium and Evos in the Netherlands.

With IT systems offline and considerable port disruption reported, the latest attacks highlight the importance of tight security in the vulnerable oil and supply chain industries.

Research carried out by Bridewell Consulting in February 2021 showed that the majority (86%) of critical national infrastructure organisations had detected cyber attacks on their operational technology or industrial control systems in the prior 12 months, with 93% of these admitting experiencing at least one successful attack.

Jonathan Gould, senior cyber security consultant at Bridewell Consulting comments: “The risk of cyber attacks will differ per country. For example, some nations are more dependent on automation and control systems than others which increases exposure. Others may capable of offensive operations but their critical national infrastructure has a very limited internet footprint.

“Many organisations have felt pressure to automate and to open up remote management of control systems in a drive to reduce costs. However, without the right expertise to facilitate secure connectivity this can hamper, or even remove, ability to fallback to manual operations in an emergency. Some organisations may also have under-invested in cyber security in the past, despite evolving threats.

“The EU regulations are not too lenient. The issue is that there’s too much room for interpretation by national/industry regulators and individual infrastructure providers. Regulators need to get specific when it comes to baseline controls, but they’re often reluctant to do so.”

Share Story: