Vopak data breach a wake-up call for petrochemical industry

Despite organizations increasing their cybersecurity protection, data breaches continue to occur. In the first quarter of 2023 alone, there have been several large data breaches that not only cost organizations millions but also indicate the security blind spots that cybercriminals are pouncing on.

In the Asia Pacific region, Australia and Malaysia are two countries that have been experiencing continuous data breaches in recent months. While both countries have announced measures to ensure organizations improve their data protection, they don’t cover every area that businesses should focus on.

Looking at the industries that continue to be targeted by cybercriminals, critical infrastructure, healthcare, telcos, and financial industries remain the most frequent victims.

According to Vijay Vaidyanathan, Regional Vice-President, Solutions Engineering – Asia Pacific & Japan at Claroty, the surge in data breaches and ransomware across varied industry sectors has been consistent. An independent global survey of 1,100 IT and OT security practitioners revealed that nearly 80% had experienced a ransomware attack in the previous 12 months. The more concerning finding from the survey was that nearly half of the breaches met their objective, in the sense that there was site impact.

Additionally, Vaidyanathan highlighted that Claroty’s research arm Team82 had recently published a report on the vulnerability landscape for the Extended Internet of Things (XIoT) running such critical infrastructure. Their research found that nearly 50% of XIoT vulnerabilities disclosed during the second half (2H) of 2022 had a critical severity CVSS score of 9.5 or higher out of 10, and nearly two-thirds are exploitable over the network, confirming that physical proximity is not required in order to compromise the environment.

Another key finding Vaidyanathan pointed out is that the top impacts of the published vulnerabilities are Remote Code Execution (RCE), Denial of Service (DoS), and bypassing of security mechanisms such as authentication.

In Malaysia, Bloomberg reported that Dutch tank storage company Koninklijke Vopak NV had recently suffered a data breach at its terminal in the town of Pengerang in Southern Malaysia. In a tweet, the Rotterdam-based company stated that the “IT incident resulted in the unauthorized access of some data” at the terminal.

The company also said that the data breach is being investigated and that it did not impact Vopak’s global network. The Pengerang Independent Terminals, which has a capacity of 1.76 million cubic meters for petroleum products, is about 44% owned by Vopak, according to the company’s annual report.

“At Vopak, the incident resulted in unauthorized access of data, which corroborates the findings by research groups that security blind spots within assets can be exploited towards data leaks and exfiltration. Vopak is a critical infrastructure supplying varied fuels and raw materials for the critical downstream petrochemical industry. An incident on operational networks could have far-reaching consequences to the dependent critical industry infrastructure,” Vaidyanathan commented.

While it’s unclear how serious the data breach is, past cyber incidents at critical infrastructure like this have resulted in serious consequences. For example, the Colonial Pipeline ransomware attack in 2021 impacted computerized equipment managing the pipeline, disrupting the company’s operations.

“The data breach at VOPAK should serve as a grim reminder to the petrochemical sector in the ASEAN region that the significance of strong, reliable cyber and operational resilience cannot be overstated, and the time is now for organizations to shore up their defenses and strengthen their security measures for their industrial assets and networks,” added Vaidyanathan.