top of page

European fuel distributors hit by cyberattacks

11 February 2022

A Key German fuel distributor is investigating a cyberattack that took its automated systems offline in what is being seen as the latest attempt by hackers to disrupt critical systems in Europe.


This attack comes less than a year after the biggest refined petroleum pipeline in the U.S. was halted by a hack.


The incident at the end of January involved Mabanaft GmbH & Co. KG and its parent company Oiltanking and is understood to have taken offline the automated systems responsible for filling and emptying its German fuel storage tanks at 13 facilities which manage around 155 million tonnes of material every year.


As a consequence, Oiltanking and Mabanaft declared force majeure on supplies within Germany.


Prosecutors are investigating whether Mabanaft’s parent company was the victim of a ransomware attack which highlights the potential threat of cyber-attacks for the fuel industry.


Last year, Colonial Pipeline Co. paid a ransom after a hack forced it to shut the largest fuel pipeline in the U.S., resulting in shortages at filling stations and price inflation.


Following confirmation of the IT system breach at Mabanaft GmbH & Co. KG, there were reports that terminals in the Amsterdam-Rotterdam-Antwerp oil trading hub were also affected. Shell Plc said it had to seek alternative supply, with trucks unable to load at fuel depots linked to Mabanaft.


Gary Gardiner, Head of Security, APAC & Japan, Check Point Software Technologies, said: “Cybercriminals like to hit us where it hurts. The recent cyber-attack on Oiltanking Deutschland underscores a clear trend of ransomware gangs targeting our critical infrastructure.


“In 2021, the global utilities sector saw a staggering 274% increase in the number of average weekly attacks compared to 2020, according to Check Point Research’s (CPR) latest Security Report. The choice to target Oiltanking Deutschland was highly strategic by cyber criminals. They’re looking for a snowball effect.”


There have been other notable cyber-attacks in Europe in 2022 targeting the fuel sector with Belgian prosecutors investigating an attack that affected SEA-Invest terminals including the company's largest in Antwerp, called SEA-Tank. A spokesperson for the company said every port they run in Europe and Africa was affected.


W Denis procure market leading cyber insurance for organisations around the world, including major global corporations down to new business start-ups. For further information visit www.wdenis.euor contact mark.dutton@wdenis.com or Vida Jarašiūnaitė Vida.Jarasiunaite@wdenis.eu

bottom of page