German petrol distribution firm Oiltanking GmbH, which is responsible for supplying Shell gas stations across the country, confirmed it suffered a cyberattack that severely impacted its operations. This company is a major subsidiary of the Marquard & Bahls group, which could give an indication of the origin of the attack.
Considering that Shell operates more than 1,900 gas stations in Germany, the incident could cause a serious supply crisis, thus impacting economic activities throughout the country. However, the company’s executives say that the consequences are not as serious as the most pessimistic fear.
“We took immediate steps to improve the security of our systems and processes and launched an investigation into the incident. We are working to solve this problem and understand its full scope; we will conduct a thorough investigation, together with external specialists and the relevant authorities. All terminals continue to operate safely,” a company’s statement mentioned.
On the other hand, a government representative states that the incident does not jeopardize the supply of used fuel in Germany on a daily basis, although it has generated a significant disruption in the systems of the affected company, which will have to work overtime to solve these problems before generating a real problem in the supply chain.
This could refer to the automation of the processes of loading and unloading fuel tanks, which are now carried out manually, delaying the rest of the steps in the distribution chain. In addition, Oiltanking is operating without being able to access its 13 tank parks, so it has resorted to temporary charging points.
Although the company has not shared details about the nature of the cyberattack, cybersecurity specialists believe that these interuptions in its systems are a clear indication of a ransomware infection. This hypothesis could be confirmed in the coming days if the attackers decide to leak confidential company information.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.