The group said it had captured 20 terabytes of data and that “it is confirmed to have caused extensive damage.”
Rosneft Deutschland reported the incident in the early hours of the morning on March 12, the BSI confirmed to die Welt newspaper, adding that the BSI had offered support to rectify the issue and is in constant communication with Rosneft.
A cyber security warning has also been issued to other stakeholders in the petroleum industry, according to die Welt, which reported that there had so far been no effect on Rosneft’s business or supply chain.
German news outlet Der Spiegel also reported on the cyber attack, adding that the Federal Criminal Police Office (BKA) confirmed it was investigating the incident.
The Epoch Times has contacted Rosneft Germany and the Federal Office for Information Security for comment.
According to its website, Rosneft Deutschland in Germany is the “third largest petroleum refinery company, processing roughly 12.5 million tons of crude oil per year; which amounts to more than 12 percent of the Federal Republic of Germany’s total processing capacity.”
The German subsidiary is “both responsible for supplying refineries PCK, MiRO and Bayernoil with crude oil, as well as for the distribution of petroleum products.”
In the past three years, Rosneft was responsible for, on average, about one-quarter of crude oil imports into Germany, according to the company.
Amid backlash to Russia’s invasion of Ukraine, Western nations have levied a number of sanctions against Russian oligarchs with close ties to Russian President Vladimir Putin.
Rosneft’s chief executive is Igor Sechin, who is said to be a close associate of Putin. Earlier this month, authorities in France said they had seized a yacht linked to the CEO in the Mediterranean port of La Ciotat.
Meanwhile, former German Chancellor Gerhard Schroeder, another reportedly close associate of Putin, is chairman of the board of directors for Rosneft and has come under fire for the role.
“For some anons from Germany, this is exactly a reason to take a closer look at Rosneft Germany. Not because of the refineries, but because of the lobbying, the sanctions,” Anonymous said in a March 11 statement.
The group said that during the hack, it pulled data which includes “complete hard disk images of employee laptops and computers, hard disk images of a mail server (34GB), many archive files (ZIP, TAR.GZ and 7Z), CSV, XLSX, DOC and of course software packages, manuals, license keys for software, and – because everything is Microsoft Windows – thousands of DLLs.”
Anonymous added that it “didn’t want to mess around directly with the Russian energy companies … because there are some sanctioning states whose energy supply is linked to Russia.”
“But Rosneft Germany is interesting enough,” the group said.
While Anonymous said it was able to successfully retrieve the vast amount of data from the energy giant, the hack was abruptly cut off. Rosneft Deutschland GmbH told local media it had taken its systems offline for the time being.