Saudi Aramco, the world’s largest producer of oil, has stated that they have suffered a data leak through one of its contractors. On Wednesday, the 21st of July, Saudi Arabia’s state oil giant confirmed via a statement to the Associated Press (AP) that from the leaked data, some files are now reportedly being used in a cyber-extortion attempt where hackers are demanding a ransom of $50 million.
“We recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors. We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture.”
However, the world’s most valuable oil producer did not disclose the identity of the third-party contractor or whether the contractor had been hacked or the exact manner in which the files were leaked. The Associated Press reported that 1 terabyte or 1000 gigabytes of data is being held by an extortionist on a darknet page.
What we know from Saudi Aramco
“We recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors. We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture.”
It has been reported by AP that the darknet page has given a chance to Saudi Aramco to have all the data deleted for a sum of $50 million to be paid through cryptocurrency. In recent times, a lot of ransom demands are being made asking for cryptocurrency because it can sometimes be virtually impossible to track.
Another timer on the darknet page counted down from $5 million, most probably in an effort to pressurize the company. According to AP, this page can only be accessed through “specialized anonymity-providing tools” as the darknet is a part of the internet within an encrypted network.
Not the first time
The oil and gas industry has always been prone to cybersecurity threats due to its lack of investment in cybersecurity. Companies that own oil wells, pipelines, refineries, etc. have repeatedly been targeted by hackers over the years. The Colonial Pipeline incident is one such high-profile case in recent times.
Saudi Aramco itself has been subject to a cyberattack back in 2012. The Saudi Arabian Oil Co. was attacked by the so-called Shamoon computer virus which was known to delete hard drives and display a picture of a burning American Flag on the computer screen. This attack forced Saudi Aramco to shut down its network and destroy over 30,000 computers later.
Another infamous incident was the attack on Sadara, the joint venture between Saudi Aramco and Dow Chemical Co. The virus swept across the kingdom and disrupted computers in a similar manner to the attack in 2012. At the time, it was thought to be another version of the Shamoon virus itself.
Being the world’s largest exporter of crude oil, protecting important data is an implied duty especially in a year where hacks and data leaks have been on the rise. As per a PWC report from 2016, the Middle East has been a magnet for the world’s costliest hacks. A survey from that same report showed that hundreds of companies in the Middle East did not have the capabilities to fend against cyberattacks.
“It will take more than just the allocation of financial resources to keep ourselves safe from today’s cyber threats,”
Mohammed al Zarooni, acting director general of information and e-government at the U.A.E.’s Telecommunications Regulatory Authority
Add Comment