CYBERSECURITYCyberattacks on Belgian Energy Companies

Published 3 February 2022

Oil facilities at Belgian ports have been hit with a cyberattack. The news comes a day after Germany launched an investigation into a similar incident.

Belgian authorities have opened an investigation into a cyberattack against at least two energy companies based in the port cities of Antwerp and Ghent, an official said on Thursday.

An investigation by the Federal Computer Crime Unit has started,” said Kristof Aerts, an official at the public prosecutor’s office in Antwerp — Europe’s second-largest port.

Prosecutors in the German port city of Hamburg also launched an investigation on Wednesday after two companies were hit by a possible ransomware strike.

The cyberattacks come as energy prices continue to rise, putting pressure on consumers. The price of oil reached a seven-year high in January amid tensions between western countries and Russia.

What are authorities investigating?

Details on the attack in Belgium were scant, but any damages appeared limited. Aerts did not confirm any links with the attack in Germany but said that such attacks “are naturally an international story, so that will certainly be looked at.”

There was a cyberattack at various terminals — quite some terminals are disrupted,” Jelle Vreeman, senior broker at Riverlake in Rotterdam, told the AFP news agency, referring to terminals at several European ports.

Their software is being hijacked, and they can’t process barges. Basically, the operational system is down,” he said.

Europol spokesperson Claire Georges said an investigation into the attack in Germany was “ongoing and in a sensitive stage.”

IT systems at a cross-border trading hub between the Dutch cities of Amsterdam and Rotterdam, with the Belgian city of Antwerp, were also hit, AFP reported.

The Dutch National Cyber Security Centre said the attacks were “probably committed with a criminal motive” and pledged to take further action “if necessary.”

Hackers targeting energy infrastructure

Two German oil supply companies, Oiltanking Deutschland GmbH and Mabanaft, were forced to enact an emergency legal clause used in the event that a company cannot fulfill a contract for unforeseen reasons.

They both said they had been victims of an attack that started Saturday. However, the head of Germany’s IT security agency Arne Schönbohm said the incident was “not grave.”

The German newspaper Handelsblatt reported that the ransomware used in the cyberattack was BlackCat — a software tool that gives hackers control over a targeted system. It is not yet known which software was used in the attack against Belgian facilities.

A similar scheme shut down the Colonial Pipeline in the eastern United States for several days in 2021. That attack, along with many others, has been blamed on Russian-speaking hacker groups.

This article is published courtesy of Deutsche Welle (DW).