Ransomware Roundup: 02.11.22

Industry
Written by
Halcyon Team
Published on
Feb 11, 2022

Operations at major oil storage and port facilities in Belgium, the Netherlands, and Germany were disrupted due to suspected ransomware attacks against several companies.

Oiltanking GmbH and Mabanaft GmBH – subsidaries of Marquad & Bahls – were both hit by BlackCat ransomware, the impacts of which caused Shell to reroute oil supplies to other port depots. Reports indicate that the companies were operating in a limited capacity and had declared force majure on inland supply activities as 13 fuel terminals and 200+ petrol stations were disrupted throughout Germany. The Federal Office for Information Security (BSI) implicates the BlackCat (also known as ALPHV) ransomware group in the attack.

In a separate incident, international port terminal operator SEA-Invest was hit with still-unknown cyberattack that brought its operations in Europe and Africa to a halt. It is not yet known if this second attack is linked to the previous attack against Oiltanking GmbH and Mabanaft GmBH or even if the cause was ransomware, but reports indicate that company IT systems resulted in disruption of various terminal operations in Antwerp, the second largest port in Europe.

The Cybersecurity & Infrastructure Security Agency (CISA) released their 2021 trend report showing the increased globalized threat of ransomware. Key takeaways from this report show that at least 14 of 16 critical infrastructure sectors were impacted by ransomware incidents and that criminal ransomware operations have continued to evolve their tactics.

These groups have started to move down market to target 1,000 – 10,000 employee organizations as large-scale incidents like the Colonial Pipeline attack can bring unwanted attention to them. The report also covers the increased targeting of cloud infrastructure providers, managed service providers, and critical infrastructure as well as increased attention on software supply chains. The report is available via CISA.gov.

DarkReading notes that BlackCat (ALPHV) is on the rise. The criminal group has been offering lucrative affiliate offers of 80%+ revenue share and has “named and shamed” more than a dozen victims in less than a month. Researchers from Palo Alto Networks’ Unit 42 team have written extensively about the growth of this group.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back
Next