Saudi Aramco Faces $50m Ransom Demand

National oil firm Saudi Aramco has confirmed that company files  have been leaked after hackers reportedly demanded a $50 million ransom from the world’s largest oil producer. Sources are reporting that that 1 TB of Aramco company data had been captured by cyber criminals, who are demanding $50 million in crypto currency to restore the data.

The global oil and gas industry has long been criticised for failing to invest in cyber security although Aramco has strengthened its cyber security since first being hit by the Shamoon virus in 2012, which resulted in the destruction of 30,000 of its computers. The source of the 2012 attack aimed to disrupt production from the world’s largest exporter of crude has never been identified.

The giant Saudi Arabian energy company has not said how the attack took place, whether its supply chain contractors had been hacked or if the files were leaked in some other way. "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said. It isn’t clear whether Saudi Aramco or its contractors heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.

The global energy industry has seen a major peak up in cyber attacks with Colonial Pipeline hack becoming the most visible recent example. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to sources. 

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyber-attacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. 

Energy companies including electric utilities, power-grid operators and pipeline operators have warned that cyber attacks are becoming more and more prevalent

AlJazeera:      Bloomberg:        BBC:         Argus Media:      Techradar:       Silicon:        Business Live

You Might Also Read:

Critical Infrastructure And Cyber Security:

 

« Twitter Celebrity Hack Suspect Arrested
2021 Global Cyber Security Event »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Code Dx

Code Dx

Code Dx is a software application vulnerability correlation and management system.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

Ustels

Ustels

Ustels provides brand protection strategy, intelligence, monitoring and enforcement services.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

Stratosphere Networks

Stratosphere Networks

Stratosphere Networks offer managed cybersecurity services rooted in Managed Detection and Response and Security Operations Center services that our team can tailor to meet your needs.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Credible Digital Security Pvt. Ltd. (CDSPL)

Credible Digital Security Pvt. Ltd. (CDSPL)

CDSPL is an innovative Cyber Security Services Company in India. We are committed to offering cyber security solutions for important sectors such as energy and utilities, healthcare, and more.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

Exacom

Exacom

Exacom is a leading provider of multimedia logging/recording solutions across public safety, government, DoD, energy, utilities, transportation, and security applications.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.