At least six oil storage terminals in the Amsterdam-Rotterdam-Antwerp (ARA) refining hub are having difficulty loading and unloading refined product cargoes, owing to a broad cyberattack on European oil terminals that began on 29 January.
The affected terminals are operated by SEA-Tank, Oiltanking and Evos in Antwerp, Ghent, Amsterdam and Terneuzen. This adds to the 11 Oiltanking sites affected in Germany. Only one of Evos' two terminals in Amsterdam appears to have been affected, most likely the one now called Amsterdam East that it bought from Oiltanking last year.
The precise nature of the attack is unclear, and most directly-affected parties are not responding to media enquiries. The attack appears mainly to be hampering the administration of the tasks necessary to process the loading of cargoes. Market participants have suggested that at least one organisation in the ARA area has declared force majeure until they are able to remedy the problem, although Argus has not been able to confirm whether this is a terminal operator or a trading organisation. Mabanaft and Oiltanking have both already declared force majeure on some of their operations in Germany. The latter said today that loading and discharge operations continue at its ARA terminals but that some services may be subject to delays.
Several barges are waiting outside their destination terminals, and the delays are so far not sufficient to cause a discernible impact on refined oil product prices. If the situation is not resolved in the coming days then a price response would be inevitable, initially on gasoline blending components but eventually across most of the barrel. There has been no authoritative indication so far as to when the problem will be resolved.
Participants in the ARA barge market expressed frustration with the dearth of information today. The lack of comment from directly-affected parties may be a result of uncertainty about who will carry the liability for the loading delays.
Cyberattacks are an emerging danger to the security of the world's energy infrastructure. The Colonial Pipeline network in the US was affected by a cyberattack last year, which disrupted the flow of refined products from the US Gulf coast to the US Atlantic coast.