Oil terminals located within ports and related logistics outfits have been major targets for cyber-attacks in recent days across Europe.
Belgium persecutors have launched an investigation into a wide-scale cyber-attack on oil facilities at the country’s ports, including Antwerp, according to reports on 3 February.
The incident is reported to be disrupting the unloading of barges at some European ports, including the Port of Antwerp.
This is not the only attack of this kind in recent weeks. On 31 January two German firms Oiltanking GmbH Group and Mabanaft Deutschland GmbH & Co. KG confirmed they have been subject to a cyber-attack that disrupted operations.
The cyber incident which affected the company’s IT systems resulted in the company declaring a force majeure, therefore alleviating the company’s liability if contractual obligations are not met because of the incident. Mabanaft has also declared force majeure for the majority of its inland supply activities in Germany.
In a statement the companies confirmed they are investigating the issue with external specialists to resolve the incident promptly.
As a result of the cyber incident, oil giant Shell said it was rerouting some of its operations to minimize disruption.
Gadi Benmoshe, senior cybersecurity expert at Cyberstar, and former CIO at Israel Ports company, spoke to CS Hub about the recent incidents and said: “The impact of such attacks can be both physical and digital. There is a risk that it can cause leaks of dangerous liquids. If a ship’s GPS is tampered with this can ultimately lead to vessels crashing into quays.”
Port operations must continue
Ports, terminals and the logistics sector are all undergoing rapid digitization which has been accelerated by the Covid-19 pandemic.
However, this streamlining of operations with digital solutions increases the level of cyber security risks.
Ports are complex entities with multiple stakeholders and numerous automated processes and systems which all need to be addressed in the face of a cyber-attack.
With this in mind, in September 2021 the International Association of Ports and Harbors (IAPH) launched its Cybersecurity Guidelines for Ports and Port Facilities.
“The question is not if there will be an impact on your system, it is when. Ports need to be prepared,” Benmoshe says.
He adds that it is not just about protecting a port’s infrastructure but building contingency reflexes. Ports need to be operationally prepared when cyber incidents strike, they must have crisis strategies which will allow them to continue operating even if systems are down.
“Ransomware attacks can take between seven and 14 days to recover from and attackers may have already breached the backup systems. Ports need to be ready to find other means to operate.”
Benmoshe has witnessed perceptions around cyber capabilities mature in recent years. With cyber security no longer being regarded solely as an expense but as necessity to protect overall income.
To this end, Benmoshe is working with cyber company Cyberstar, owned by Israeli shipping line ZIM, to use cyber simulations to prepare ports and terminals operationally around incident response.
In its executive summary, the IAPH urged that C-suite executives take the lead in allocating resources to address cyber security, actively manage governance and build an organizational culture to support cybersecurity operations. The association clarified that these executives should also develop leadership strategies for cyber resilience including the creation of a port ecosystem cybersecurity workforce.
Find out more about cyber security issues relating to critical infrastructure by catching up on CS Hub’s Government and Critical Infrastructure Digital Summit