June 20, 2023
A DDoS attack took down the North Sea Port website, the company that operates the ports of Vlissingen and Terneuzen in Zeeland, and the Gent port in Belgium. The website was inaccessible for several hours, starting at 8:30 a.m. on Tuesday.
By early afternoon, the attack had been repelled, and the site was up and running again. Work in the port continued as usual, those systems were not affected.
June 14, 2023
The Port of Rotterdam, the largest seaport in Europe, reportedly suffered a major cyberattack that knocked off its official website for hours. According to Dutch news agency RTL Nieuws, a group of pro-Russian hackers targeted the Port of Rotterdam’s website and bombarded it with a DDoS attack. The websites of several other Dutch ports, including Groningen, Amsterdam, and Den Helder were also targeted by the threat actors.
While the official websites of the port authorities in Rotterdam, Amsterdam, and Den Helder were offline for several hours, the Groningen Seaport website was offline for the entire weekend. “For us, the website is important because we can inform the public, but we are not dependent on the website,” a spokesperson for the Port of Rotterdam said.
Port authorities also said that no other internal systems were affected by the attack and systems used for handling shipping were not impacted.
The Dutch National Cyber Security Centre repo
November 15, 2023
A cyberattack that hit automotive parts production at Yanfeng International Automotive Technology in the US this week has had a knock-on effect at Stellantis, with the carmaker forced to halt assembly on certain lines.
In a short statement Stellantis said: “Due to an issue with an external supplier, production at some North America assembly plants has been disrupted. We are monitoring the situation and working with the supplier to mitigate any further impact to our operations.”
The carmaker said it would not provide information on affected plants or any other details. There has been no comment from Yanfeng.
Yangfeng manufactures key parts like seats, interiors, and electronics, among other components. Yanfeng also supplies General Motors but the carmaker has not yet said if it will have any impact on its current production schedule.
September 12, 2023
The European aerospace giant Airbus said on Tuesday that it is investigating a cybersecurity incident following reports that a hacker posted information on 3,200 of the company’s vendors to the dark web. A threat actor using the moniker “USDoD” posted Monday on BreachForums that they obtained access to an Airbus web portal after compromising the account of a Turkish airline employee. The hacker claimed to have details on thousands of Airbus vendors, including names, addresses, phone numbers and emails, according to a report from Hudson Rock.
Airbus spokesperson Philippe Gmerek confirmed to Recorded Future News that hackers breached an “IT account associated with an Airbus customer” and that the company was investigating the incident. This account was used to download business documents dedicated to this customer from an Airbus web portal, the company said.
According to the Hudson Rock, the threat actor posted the leaked information publicly without making any demands. Few details are known about the threat actor or their motivations, but they have said they are a member of the relatively new ransomware group known as “Ransomed.”
March 17, 2023
Dutch maritime logistics company Royal Dirkzwager confirmed that it was hit with ransomware from the Play group. The attack is the latest in a string of attacks targeting the shipping industry. Company CEO Joan Blaas told The Record the ransomware attack did not have an effect on operations. The attack involved the theft of data from servers that held a range of contracts and personal information. Blaas confirmed that the Dutch Data Protection Authority has been notified of the attack and said he is in negotiations with the cybercriminals.
Blaas confirmed that the Dutch Data Protection Authority has been notified of the attack and said he is in negotiations with the cybercriminals.
January 6, 2023
Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Air France and KLM confirmed the data breach in a statement sent to BleepingComputer and said that customers’ sensitive data, such as passport or credit card numbers, was not exposed. The two airlines said that they also reported the incident to their countries’ data protection authorities.
Flying Blue is a loyalty program allowing clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards.
February 3, 2022
“Evos said it had suffered delays at its terminals in Terneuzen in the Netherlands, Ghent in Belgium and Malta.” The company admitted to having several port terminals hit in multiple countries simultaneously: Terneuzen in The Netherlands; Ghent in Belgium and Birzebbuga in Malta. They only admitted to delays, not a complete shutdown. The Malta facility was acquired from Oiltanking last year, and could be subject to similar vulnerabilities.
Oiltanking Deutschland and Mabanaft, two German oil companies, were also hit by cyberattacks. Unconfirmed reports suggest that BlackCat ransomware may have compromised systems at these recent attacks.
June 27, 2017
Household products giant Reckitt Benckiser has said last month’s malware cyber-attack could lead to a permanent loss of revenue. The attack disrupted manufacturing and ordering systems at the company, whose products include Nurofen and Dettol. Although it had “largely contained” the attack, Reckitt said the disruption meant like-for-like revenue growth in the second quarter would be down 2%. It also said it expected to lose “some further revenue permanently”
July 3, 2022
SHI International has confirmed that a malware attack hit its network over the 4th July weekend. SHI is a New Jersey-based provider of Information Technology (IT) products and services.
The company said in a statement: “SHI was the target of a coordinated and professional malware attack. Measures were enacted to minimize the impact on SHI’s systems and operations. We are liaising with federal bodies including the FBI and CISA and there is no evidence to suggest that customer data was exfiltrated during the attack.”
April 4, 2021
Bakker Logistics was hacked over the 2021 Easter weekend, bringing deliveries from its distribution centres to a standstill. The company was no longer able to receive orders from customers, and it also had no visibility into which products were where in the warehouses. Moreover, the hack disrupted the transport planning, according to Director Toon Verhoeven in an interview with the Dutch news broadcaster NOS. This resulted in empty shelves in some stores.
Verhoeven confirmed that it was a ransomware attack and was not willing to comment on whether Bakker actually paid a ransom, but did confirm that the company had reported the incident to the police. It took a specialized security company several days to get the computer systems up and running again. According to Verhoeven, the backlog was expected to be cleared within a week, so the hack was unlikely to lead to a major shortage of cheese products or other groceries.
In a local media report spotted by Bitdefender, Verhoeven said he suspected the attackers gained a foothold through a Microsoft Exchange server vulnerability