A cyberattack has struck two German fuel and oil distributors, disrupting operations and supply chain management.

The attack targeted Oittanking Deutschland GmbH and Mabanaft GmbH & Co KG Group, both subsidiaries of Marquard & Bahls AG, on Jan. 29. The form of cyberattack has not been disclosed.

Oiltanking supplies 26 companies in Germany with fuel, including 1,955 Shell gas stations. Reuters reported today that Shell Deutschland GmbH said that it had been able to “re-route to alternative supply depots for the time being.”

In a joint statement, the two affected companies said that they were working to resolve the issue as quickly as possible. “We are undertaking a thorough investigation, together with external specialists and are collaborating closely with the relevant authorities,” Oiltanking and Mananaft said. “All terminals continue to operate safely.”

The extent of disruptions is not clear. Some reports suggest that the attack has shut down all of Oiltanking’s loading and unloading operations, effectively bringing the company’s business to a standstill. Officially, the company says its terminals are operating with limited capacity.

Of interest is that Oiltanking has declared force majeure for most of its supply activities. The activation of force majeure excuses the company from meeting contractual obligations in an extraordinary event that is beyond its control.

No hacking gang is yet to claim responsibility for the attack. Although the form of the attack remains unknown, the obvious candidate is ransomware. Notably, the websites for the two companies targeted, along with parent company Marquard & Bahls, are all offline as of the time of writing.

Previous attacks on supply chains include a ransomware attack that targeted oil piper operator Colonial Pipeline Co. in May, which caused fuel shortage on the U.S. East Coast. An attack on JBS S.A., the world’s largest meat processing company in June resulted in meat shortages in the U.S., Canada and Australia.

“Impacting elements of the fuel, heating and combustibles supply chain during the winter season potentially puts human safety and wellbeing in the crosshairs,” Tim Wade, technical director of the CTO Team at cybersecurity company Vectra AI Inc., told SiliconANGLE. “These types of attacks underscore the very serious risks posed by criminals to foundational parts of essential services and infrastructure.”

Although it’s speculation, it’s possible that an attack targeting Germany could have been specifically targeted in terms of the broader geopolitical situation. Hank Schless, senior manager of security solutions at endpoint-to-cloud security company Lookout Inc., noted that the timing of this aligns with Russia having threatened to shut off its pipelines into Europe amid the crisis in Ukraine.

“There isn’t enough information to say who was responsible, but regardless the attackers saw an opportunity to put even more pressure on Germany, which is one of the largest consumers of Russian gas in Europe,” Schless added. “This is the perfect example of using a high-pressure situation to create opportunity for malicious cyber activity, which attackers do as often as they can.”

Photo: Oiltanking/LinkedIn