Oil transport and storage companies hit by cyber attacks

A number of European oil transport and storage companies have fallen victim to a series of coordinated cyber attacks following this week’s breach at Oiltanking in Germany. It is understood that IT systems were disrupted at SEA Invest in Belgium and Evos in the Netherlands.

With IT systems offline and considerable port disruption reported, the latest attacks highlight the importance of tight security in the vulnerable oil and supply chain industries.

Research carried out by Bridewell Consulting in February 2021 showed that the majority (86%) of critical national infrastructure organisations had detected cyber attacks on their operational technology or industrial control systems in the prior 12 months, with 93% of these admitting experiencing at least one successful attack.

Jonathan Gould, senior cyber security consultant at Bridewell Consulting comments: “The risk of cyber attacks will differ per country. For example, some nations are more dependent on automation and control systems than others which increases exposure. Others may capable of offensive operations but their critical national infrastructure has a very limited internet footprint.

“Many organisations have felt pressure to automate and to open up remote management of control systems in a drive to reduce costs. However, without the right expertise to facilitate secure connectivity this can hamper, or even remove, ability to fallback to manual operations in an emergency. Some organisations may also have under-invested in cyber security in the past, despite evolving threats.

“The EU regulations are not too lenient. The issue is that there’s too much room for interpretation by national/industry regulators and individual infrastructure providers. Regulators need to get specific when it comes to baseline controls, but they’re often reluctant to do so.”

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.