European Oil Hacks

Josh Hickling

Managing Consultant

Josh is one of Pentest Peoples managing consultants , coming from a university background, who's heavily interested in the ethical hacking world.

European Oil Hacks

Last week saw the European Oil ports were hit by a cyberattack, authorities disclosed that this was a targeted Ransomware Attack against Belgium, Germany, and the Netherlands.

These threat actors have hit multiple European oil facilities in Belgium’s ports, including Antwerp, which is the second biggest port in Europe after Rotterdam.

Among the impacted port infrastructure, there is the Amsterdam-Rotterdam-Antwerp oil trading hub, along with the SEA-Tank Terminal in Antwerp.

“A spokesperson for prosecutors in the northern Belgian city confirmed on Thursday they had begun an investigation earlier this week, but declined to give further details,” reported Reuters agency. “Belgian business daily De Tijd reported that terminal operator Sea-Tank had been hit by a cyberattack last Friday. The company declined to comment.

“Growing Concern”

The incidents serve as a reminder of how cyber security is becoming a growing concern across the oil industry. Last year, Colonial Pipeline Co. paid a ransom after a hack forced it to shut the largest fuel pipeline in the U.S., resulting in shortages at filling stations and price spikes.

Attacks are Escalating

At this time there’s no concrete evidence on how the attacks were orchestrated or whom by. However, one thing that’s perfectly clear is the continuous escalation of cyberattacks, they’re becoming more sophisticated and hacker groups such as REvil are becoming more active. Today we spoke with senior consultant Liam on the recent attack and how businesses can stay ahead of emerging threats.

We hope you enjoyed this news bite, check here next week when we discuss the recent dangers with remote hacking of Apple devices due to a recent vulnerability!

Video/Audio Transcript

Last week, a major news story broke about all European oil facilities experiencing cyber attack. Today, I have Liam here, our Senior Consultant to talk about his perspectives on this attack. So then what are your thoughts,
Frankie, it's always worrying when cyber attacks start targeting parts of parts of national infrastructure, especially things that have massive knock on effects throughout the rest of the rest of common business. And the oil industry and certainly, certainly a business that, unfortunately does have a lot of these knock on effects as well. cyberattacks such as these are becoming more commonplace. And as I said before, it's it's just becoming more and more likely that people are going to be start to be targeted. I think a lot of the industries that have fallen slightly behind on their proactive security, are starting to feel the effects of that as a threat actors or even scripted he sang in basements, all around the United Kingdom in the globe, are a finding that of having more and more success with with launching these kinds of very damaging attacks.

So for small businesses, obviously, this is a massive issue. So what advice could you give small businesses out there to stay safe?

I think the issue of safety is always going to be one that's, unfortunately, a somewhat losing battle. But it's you know, the age old adage about not being faster than the bear just being faster than the man next to you comes to mind and making sure you have continuous productive security. So you are getting things tested, you are making sure things are being accurately, accurately monitored b value blue teaming, as well as the red team, as well. And, again, just if everything needs to be tested, make sure things are being checked once or twice, three times. Before you before you go live before you're exposing any data risk, and ensuring that you do have an understanding of exactly what the risks are. If it's if there's a small business, which a lot of these businesses that have been targeted, you end up in an unfortunate situation, and the budgets don't necessarily reflect the size of the problem you're trying to tackle. And when you have when you have massively, incredibly well funded grants and loans coming after you, it can feel like a bit of a losing battle. But just make sure you're not that slightly the man next to you in the basket.
So in terms of every day, what can what can people like me, what can individuals do every day to keep safe?

A lot of the onus does unfortunately fall on IT security teams, especially when you're dealing with these kind of sophisticated ransomware attacks. But everyday people can ensure they're following efficient training that are being provided at work, or even if you're not being provided work. First of all, ask for some, the secondary, just make sure you're not clicking on any attachments. We do regularly provide training ourselves here for businesses, and you'd be amazed about how, how common it is for people to click on links and just actually credentials into data portals. So making sure that first of all the IT security teams need to be making sure they're trying to block as many as these things as possible, using mail filtering, and other security tools like that. But also, you have a bit of a kind of personal responsibility to make sure that you're not going to engage in efficient, you are checking emails that are receiving both at work and in your personal life are legitimate. And you're not facilitating any of these attacks.

Yeah, I completely agree. Well, thank you so much, Liam, for giving us perspective on that. And join us next week, wherever we'll be talking about the Apple hacking, and with one of our other consultants, and we'll see you there. Thank you very much. Thank you very much.