Saturday, September 25, 2021

Slide Slide Slide Slide Slide
Home Data Data compromised of Saudi Aramco after $50 million ransom demand

Data compromised of Saudi Aramco after $50 million ransom demand

The oil company did not name the supplier or explain how the data were compromised

After a cyber-extortionist claimed to have seized troves of its data last month and demanded a $50 million ransom from Saudi Aramco – the world’s largest oil producer, the company, On Wednesday, confirmed that some of its company files had been leaked via a contractor.

Aramco said in a statement that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors”. The oil company did not name the supplier or explain how the data were compromised.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber-security posture,” Aramco added.

The statement came after a hacker claimed on the dark web that they had stolen one terabyte of Aramco’s data, according to a post from 23 June seen by the Financial Times. The hacker said it had obtained information on the location of oil refineries, as well as payroll files and confidential client and employee data.

In another post, the perpetrator offered to delete the data if Aramco paid up $50 million in a niche crypto-currency Monero, which is particularly difficult for authorities to trace. The post also offered prospective buyers the chance to purchase the data for about $5 million.

The oil giant has the capacity to pump more than one in every 10 barrels of crude in the global market and any threats to its security or facilities are closely watched by oil traders and policymakers.

After the hack of the Colonial Pipeline in the US earlier this year resulted in fuel shortages across the east coast of the country, the security vulnerabilities of energy companies and pipelines in particular have fallen under the spotlight recently.

It was unclear who was behind the Aramco incident. Cyber researchers noted that the attack did not appear to be part of a ransom-ware campaign, where hackers use malware to seize users’ data or computer systems and only release it once a ransom has been paid. Nor did the hacker claim to be part of a known ransom-ware gang.

Instead, the hacker appeared to have seized a copy of the data without using malware, and set up dark web profiles to telegraph its activities.

Cyber-security experts have said this was probably a retaliation for the Stuxnet attack on Iran’s nuclear programme, which has been widely attributed to the US and Israel.

The 2012 attack erased data on about three-quarters of Aramco’s computers, according to reports at the time, including files, spread sheets and emails. They were replaced with an image of a burning US flag.

Saudi Aramco refineries, including the newly opened Jazan facility, which was listed in screenshots of the allegedly leaked data, have also been subjected to physical attacks both from drones and missile strikes, which have been claimed by Iran-backed Houthi rebels in Yemen. The Jazan refinery is in Saudi Arabia’s south-west on the Red Sea, not far from the Yemen border.

Also read: DigiYatra: A paperless journey experience for domestic air traveller

Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

khushbu
Khushbu Sonihttps://www.cionews.co.in
Chief Editor - CIO News | Founder & CEO - Mercadeo

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -WhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PM

Most Popular

Digital transformation: Pradeep Kumar Singh joins Aakash Educational Services as CTO

To be a part of its digital transformation journey, Aakash Educational Services Limited is also looking to hire a significant number of talents Pradeep Kumar...

IT solutions provider Mouri Tech to create 10000 new jobs across multiple locations in the country

Including 500 in the US, the IT solutions provider has a global headcount of around 3500, and the remaining 3000 are spread across India...

Data centres with capacity of 200 MW to be set up by Sify Technologies

Sify over the years has built and operates 10 carrier-neutral data centres, currently offering more than 70 MW at Vashi, Bengaluru, Chennai, Airoli, Noida,...

I started my career as a technology entrepreneur, says Ashutosh Bijoor, CTO at Accion Labs

As a CTO, it is important to be able to justify technology investments based on the opportunity cost of innovation rather than cost savings One...

Recent Comments