Saudi Aramco Faces $50m Ransom Demand

National oil firm Saudi Aramco has confirmed that company files  have been leaked after hackers reportedly demanded a $50 million ransom from the world’s largest oil producer. Sources are reporting that that 1 TB of Aramco company data had been captured by cyber criminals, who are demanding $50 million in crypto currency to restore the data.

The global oil and gas industry has long been criticised for failing to invest in cyber security although Aramco has strengthened its cyber security since first being hit by the Shamoon virus in 2012, which resulted in the destruction of 30,000 of its computers. The source of the 2012 attack aimed to disrupt production from the world’s largest exporter of crude has never been identified.

The giant Saudi Arabian energy company has not said how the attack took place, whether its supply chain contractors had been hacked or if the files were leaked in some other way. "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said. It isn’t clear whether Saudi Aramco or its contractors heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.

The global energy industry has seen a major peak up in cyber attacks with Colonial Pipeline hack becoming the most visible recent example. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to sources. 

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyber-attacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. 

Energy companies including electric utilities, power-grid operators and pipeline operators have warned that cyber attacks are becoming more and more prevalent

AlJazeera:      Bloomberg:        BBC:         Argus Media:      Techradar:       Silicon:        Business Live

You Might Also Read:

Critical Infrastructure And Cyber Security:

 

« Twitter Celebrity Hack Suspect Arrested
2021 Global Cyber Security Event »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Team8

Team8

Team8 is Israel’s most prestigious cybersecurity think tank and venture creation foundry.

Steganos

Steganos

Steganos offers highly secure and easy to use software tools that protect and secure on and offline data.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

DigitalXRaid

DigitalXRaid

DigitalXRAID is driven and motivated to ensure the bad guys don’t win. We’re dedicated to providing our clients with state-of-the-art cyber security solutions.

Barbara IoT

Barbara IoT

Barbara is an industrial device platform specifically designed for IoT deployments.

Gytpol

Gytpol

Gytpol is a leader in Endpoint Configuration Security (ECS) solutions, providing validation, remediation & securing of IT Policies and IT Infrastructure on-premise and in the cloud.

BIO-key

BIO-key

BIO-key is a pioneer and innovator, we are recognized as a leading developer of fingerprint biometric authentication and security solutions.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

AlJammaz Technologies

AlJammaz Technologies

AlJammaz Technologies is the leading Technology Value-Added Distributor, which distributes advanced technology products, solutions and services in area including networking and cybersecurity.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Acumen

Acumen

Acumen's cyber security engineers protect your critical systems, in critical moments. We are here when you need us most.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.