Hackers allegedly demand $ 50 million from Saudi Aramco for data breaches

Hackers allegedly demand $ 50 million from Saudi Aramco for data breaches

Points Highlighted:

  • The files are now reportedly being used in an attempt to extort $50m (£36.5m) from the company.

  • The world’s most valuable oil producer Saudi Aramco has confirmed to the BBC that company data has leaked from one of its contractors.

The global oil and gas industry has long been criticised for failing to invest in cyber security.

In an emailed statement, Aramco told the BBC that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.”

In May, the Colonial Pipeline in the US was hit by a ransomware cyber-attack.

The Saudi Arabian energy giant did not say which contractor was affected nor whether the contractor had been hacked or if the files were leaked in some other way.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” the firm said.

According to the Associated Press (AP), one terabyte, or 1,000 gigabytes, of Aramco’s data was being held by extortionists, citing a page on the darknet – a part of the internet within an encrypted network which is accessible only through specialised anonymity-providing tools.

The AP report said the page offered to delete the data in exchange for $50m in cryptocurrency, although it is unclear who is behind the ransom plot. Aramco did not immediately respond to a BBC request for clarification over the AP report that the company was the target of a $50m extortion attempt.

The oil and gas industry, which includes companies that own wells, pipelines and refineries, has failed to invest in cyber-security over the years, according to experts. This is not the first time Aramco has been the target of a data-related attack. In 2012, the company’s computer network was hit by the so-called Shamoon virus.

A cyber-attack this year on the Colonial Pipeline in the US further highlighted the vulnerabilities of the energy industry’s computer systems. You may also be interested in:

The Techgadgetguides is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com Inc.
We will be happy to hear your thoughts

Leave a reply

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.

Tech Reviews and Guides | Techgadgetguides.com
Logo