IB-company Dragos, specializing in the protection of industrial companies, found that 2 hacker groups, Xenotime and Kamacite, conduct “studies of digital systems” LNG Terminal Gasunie in Rotterdam (Netherlands). It is believed that these groups are allegedly related to Russia.
It is also expected that hackers will analyze the systems of other European LNG terminals (liquefied natural gas) and infrastructure in the energy sector to see where they can potentially affect the systems.
Other IB companies also observe an increase in activity in relation to critical infrastructure in Europe and the Netherlands. According to the Dutch IB-company ECLECTICIQ, the Xenotime group focuses for the first time in Europe-“Dutch LNG Terminal are currently a preferred object of research of Russian hackers.”
According to the IB-company ESET from January to September 2022, more than 5 million unique cyber attacks per month occurs on average. This is more than 20% more than in 2021. This includes phishing attacks, attacks using incidental programs or other types of malware, as well as DDOS attacks.
, according to Fox-IT, due to the energy crisis of the company operating in the energy sector, are the main target of cybercriminals. Especially in the supply chain and distribution of LNG. “LNG is important for the Netherlands, since the supply of Russian gas is suspended. If these terminals stop for any reason, gas production will be lost,” says Rene Peters, TNO gas technology director.
LNG terminal Eemshaven in the Netherlands now produces 8 billion cubic meters per year. In addition, gas production in Rotterdam will be increased to 16 billion cubic meters per year. Together, they account for more than 50% of gas consumption in the Netherlands, which is 40 billion cubic meters of gas per year.
The Dutch gas transmission company Gasunie did not specify whether she was aware of the hackers who are looking for vulnerabilities in the company’s networks. Also, the company did not say whether it tightened the measures earlier than the LNG industry was already subjected to cyber attacks. On June 8, 2022, an explosion occurred at the factory of a large American exporter of LNG Freeport LNG in Texas. The damage suffered suspended the work of the factory until the end of 2022. The explosion had a direct impact on increasing gas prices in Europe.
Several sources found a refusal to work security systems and associated this reason with the Xenotime attack.