Key German fuel distributor, Mabanaft GmbH & Co. KG, has revealed that their IT systems were breached, resulting in disrupted payments at hundreds of filling stations across Europe.
Its parent company, Oiltanking GmbH Group, which operates terminals internationally also confirmed that along with Mabanaft, its systems were also affected. However, the company claims that the global markets continue to function safely.
Investigations are still ongoing coming less than a year after the massive Colonial Pipeline breach in the United States.
Security experts from Synopsys weighed in on the incident, saying
“While there isn’t much information available on the motivation, impact, and attack vector so far, it is interesting to see that even some not so publicly known organisations such as petrol distributors are getting attention from cyber-attackers nowadays. Then again, this is the case for all critical infrastructure elements – you don’t notice they exist, until they don’t,” said Stanislav Sivak, Associate Managing Software Security Consultant, Synopsys Software Integrity Group
“This is a perfect example of how software risk equates to business risk. Fortunately, in this instance, either due to other compensating controls or the breadth of the attack, the impact was limited to a partial Denial-of-Service and it seems that no data breach has occurred. Some informational sources on the Internet indicate that a ransomware attack could be the root incident.
“Having alternative independent operational options, such as paying by cash rather than by card, proves to be a good temporary solution. However, an up-to-date and simulated disaster recovery plan will help restore the necessary level of operations and prioritize next steps.”
Debrup Ghosh, Senior Product Manager, Synopsys Software Integrity Group, added: “This attack once again illustrates that today every company is a software company. Colonial Pipeline was perhaps just the start of a rather disturbing trend of cyberattacks on organisations tied to critical infrastructure. As a result, these companies need to invest in software supply chain risk management strategies to mitigate business risks posed by the recent exponential rise in malicious attacks.
“With the close adjacency between logistics and energy industries, both critical to national security, every CISO today in transportation, logistics and supply chain related companies should be asking their vendors for an extensive software bill of materials to build appropriate controls as part of their overall risk management strategy to satisfy regulatory, compliance and insurance requirements.”
