German Fuel Supplier Offline After Cyberattack

German media is reporting that a German fuel supplier has been knocked offline after suffering a cyberattack.

Operations at Oiltanking GmbH, a German petrol distributor that supplies Shell gas stations in the country, have been severely impacted, prompting fears of fuel shortages in Germany, Bleeping Computer reported.

The case echoes the devastating cyberattack on May 2021 on a major fuel supplier (Colonial Pipeline) in the United States, which caused widespread fuel shortages and panic buying along the US east coast.

Critical facilities

Indeed, so serious was the Colonial Pipeline attack that the US government engaged emergency powers and US President Joe Biden received “personal briefings” about the cyberattack.

And the attack dominated the face-to-face meeting in June 2021 between Biden and Russia’s President Vladimir Putin.

President Biden reportedly promised Putin ‘retaliation’ if Russia attacks a list of 16 ‘critical’ facilities in America.

Now a fuel supplier (Oiltanking GmbH) in Germany has been attacked, which has also affected Mabanaft GmbH, an oil supplier.

Both entities are subsidiaries of the Marquard & Bahls group, which may have been the breach point, Bleeping Computer reported.

Oiltanking GmbH supplies the 1,995 Shell gas stations in Germany, but local officials have stressed there are no fuel shortages.

The managing director of the independent tank storage association in Germany, Frank Shaper, reportedly told der Spiegel that the attack does not endanger the supply of fuel in the country.

When the Colonial Pipeline attack happened in the US, many petrol stations on the East Coast ran out of fuel, and matters were not helped by panic buying.

It is reported that the problems facing Oiltanking GmbH may take some time to resolve, as the attack crippled the IT systems associated with the automation of the tank loading/unloading.

Nation state?

The attack comes the German intelligence service, BfV, last week warned local firms of ongoing cyberattacks coordinated by the APT27 Chinese state-supported hacking group.

So far, the Oiltanking GmbH has not been blamed on any particular group, but there is a worry that it could be the work of a state actor, seeking large-scale disruption and economic damage.

Last week the GCHQ’s National Cyber Security Centre (NCSC) warned British organisations to take action to bolster their cyber security resilience, in response to the malicious cyber incidents in and around Ukraine.

Amid the tense stand-off with Russia, Ukraine suffered a massive cyberattack that impacted at least 70 government websites, as well as the US, UK and Swedish embassies.

Germany has also become involved, due to Russia’s controversial Nord Stream 2 gas pipeline that will double Russian gas supplies to Germany.

The Nord Stream 2 gas pipeline has therefore become a geopolitical point, with NATO and the West warning the pipeline will be impacted if Russia goes ahead and invades Ukraine.