Saudi Aramco Faces $50m Ransom Demand

Uploaded on 2021-08-02 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Energy

National oil firm Saudi Aramco has confirmed that company files  have been leaked after hackers reportedly demanded a $50 million ransom from the world’s largest oil producer. Sources are reporting that that 1 TB of Aramco company data had been captured by cyber criminals, who are demanding $50 million in crypto currency to restore the data.

The global oil and gas industry has long been criticised for failing to invest in cyber security although Aramco has strengthened its cyber security since first being hit by the Shamoon virus in 2012, which resulted in the destruction of 30,000 of its computers. The source of the 2012 attack aimed to disrupt production from the world’s largest exporter of crude has never been identified.

The giant Saudi Arabian energy company has not said how the attack took place, whether its supply chain contractors had been hacked or if the files were leaked in some other way. "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said. It isn’t clear whether Saudi Aramco or its contractors heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.

The global energy industry has seen a major peak up in cyber attacks with Colonial Pipeline hack becoming the most visible recent example. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to sources. 

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyber-attacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. 

Energy companies including electric utilities, power-grid operators and pipeline operators have warned that cyber attacks are becoming more and more prevalent

AlJazeera:      Bloomberg:        BBC:         Argus Media:      Techradar:       Silicon:        Business Live

You Might Also Read:

Critical Infrastructure And Cyber Security:

 

« Twitter Celebrity Hack Suspect Arrested
2021 Global Cyber Security Event »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IntaForensics

IntaForensics

IntaForensics offer a full range of digital investigation services and are able to adapt to the individual needs of solicitors, private clients, Law Enforcement Agencies and commercial businesses.

Cybereason

Cybereason

Cybereason provides real-time detection of malicious activity enabling you to identify the cause and scope of an attack and ensure an effective response.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

NetLib Security

NetLib Security

NetLib Security’s powerful, patented data security platform helps companies control data loss prevention (DLP) by managing what data can be transferred outside of their network.

Inogesis

Inogesis

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Tata Consultancy Services

Tata Consultancy Services

Tata Consultancy Services is a global leader in IT services, consulting & business solutions including cyber security.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

Euro-Recycling

Euro-Recycling

Euro-Recycling is a leading UK provider of Secure On-Site Data Media Destruction Services.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

LocateRisk

LocateRisk

LocateRisk provides more efficiency, transparency and comparability in IT security with automated, KPI-based IT risk analyses.

SNC-Lavalin

SNC-Lavalin

SNC-Lavalin is a fully integrated professional services and project management company with offices around the world.

CYGNVS

CYGNVS

CYGNVS is a guided cyber crisis response platform providing anytime, anyplace access. A SaaS platform for cyber crisis management – a safe way to connect and control your response.

SolidityScan

SolidityScan

SolidityScan is an advanced smart contract scanning tool designed to uncover vulnerabilities and proactively address risks within your code.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.