Rosneft Deutschland, the German subsidiary of Russian state-owned oil company PJSC Rosneft Oil Co. has been hit by a cyberattack, with hackers linked to Anonymous claiming responsibility.
According to The Local de, the German Federal Office for Information Security said today that the attack took place in the early hours of Saturday morning. Rosneft Deutschland is reported to have taken some systems offline, but its pipelines and refineries continued to operate as normal.
Hackers claiming to represent Anonymous – not a formal group but a decentralized international activist and hacktivist collective – claimed responsibility for the hack on Friday, a day before the German government said the attack took place. The hackers claimed that they stole 20 terabytes of data.
The attack was motivated by Russia’s invasion of Ukraine. On the Twitter account Anonymous News, the attack was said to be part of #OpRussia, a concerted effort by Anonymous hackers to target Russian interests. Hackers linked to Anonymous also claimed to have hacked and then released a database belonging to Roskomnadzor, the Russian federal executive agency responsible for monitoring, controlling and censoring media on March 10.
An investigation into the attack has been launched.
Rosneft is responsible for around a quarter of all crude imports into Germany and has part-ownership in three German oil refineries. Rosneft Chief Executive Officer Igor Sechin is a close ally of Vladimir Putin and is one of the Russian oligarchs that have been targeted by western sanctions. A $ 120 million yacht belonging to Sechin was seized by the authorities in France on March 3.
“With the global opposition to the Russian invasion of Ukraine, I doubt there is much sympathy for Rosneft, even as a subsidiary in Germany,” Saryu Nayyar, chief executive officer and founder of unified security and risk analysis company Gurucul Solutions Pvt Ltd AG, told SiliconANGLE. “This attack shows that globally, threat actor groups and nation-states are both potential disruptors to critical infrastructure or any private sector company.”
Nayyar warned that “all organizations should remain vigilant and continue to invest in cybersecurity solutions that employ advanced analytics and automated detection and response to thwart threat actors from disrupting operations, stealing sensitive data or detonating ransomware.”