Friday, July 1, 2022

Slide
Home Data Data compromised of Saudi Aramco after $50 million ransom demand

Data compromised of Saudi Aramco after $50 million ransom demand

The oil company did not name the supplier or explain how the data were compromised

After a cyber-extortionist claimed to have seized troves of its data last month and demanded a $50 million ransom from Saudi Aramco – the world’s largest oil producer, the company, On Wednesday, confirmed that some of its company files had been leaked via a contractor.

Aramco said in a statement that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors”. The oil company did not name the supplier or explain how the data were compromised.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber-security posture,” Aramco added.

The statement came after a hacker claimed on the dark web that they had stolen one terabyte of Aramco’s data, according to a post from 23 June seen by the Financial Times. The hacker said it had obtained information on the location of oil refineries, as well as payroll files and confidential client and employee data.

In another post, the perpetrator offered to delete the data if Aramco paid up $50 million in a niche crypto-currency Monero, which is particularly difficult for authorities to trace. The post also offered prospective buyers the chance to purchase the data for about $5 million.

The oil giant has the capacity to pump more than one in every 10 barrels of crude in the global market and any threats to its security or facilities are closely watched by oil traders and policymakers.

After the hack of the Colonial Pipeline in the US earlier this year resulted in fuel shortages across the east coast of the country, the security vulnerabilities of energy companies and pipelines in particular have fallen under the spotlight recently.

It was unclear who was behind the Aramco incident. Cyber researchers noted that the attack did not appear to be part of a ransom-ware campaign, where hackers use malware to seize users’ data or computer systems and only release it once a ransom has been paid. Nor did the hacker claim to be part of a known ransom-ware gang.

Instead, the hacker appeared to have seized a copy of the data without using malware, and set up dark web profiles to telegraph its activities.

Cyber-security experts have said this was probably a retaliation for the Stuxnet attack on Iran’s nuclear programme, which has been widely attributed to the US and Israel.

The 2012 attack erased data on about three-quarters of Aramco’s computers, according to reports at the time, including files, spread sheets and emails. They were replaced with an image of a burning US flag.

Saudi Aramco refineries, including the newly opened Jazan facility, which was listed in screenshots of the allegedly leaked data, have also been subjected to physical attacks both from drones and missile strikes, which have been claimed by Iran-backed Houthi rebels in Yemen. The Jazan refinery is in Saudi Arabia’s south-west on the Red Sea, not far from the Yemen border.

Also read: DigiYatra: A paperless journey experience for domestic air traveller

Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

khushbu Soni CIO News Mercadeo
Khushbu Sonihttps://www.cionews.co.in
Chief Editor - CIO News | Founder & CEO - Mercadeo

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -1x1 banner1x1 banner1x1 banner1x1 banner

Most Popular

GBM conducts artificial intelligence event, UAE organisations to increase spending

The artificial intelligence event delved into how organisations can get started on their AI journeys For an exclusive artificial intelligence event, GBM has brought together...

Clean technology: LG to invest $1.5bn

The push in the clean technology sector will help LG make "a shift toward more high-value industries" LG Corp, South Korea's fourth-largest conglomerate, said on...

AI technology firm Nala Robotics to supply Slice Factory with its autonomous chef

Under the terms of the agreement, to help fuel national expansion efforts the AI technology company will custom design and install Pizzaiola at Slice Factory's...

There shouldn’t be a separation between business and technology, says Deepak Garg, Co-Founder and Chief Technology Officer (CTO) at Dista

The real value a technologist can bring is alignment of technology with actual business needs When asked how he planned his career path to be...

Recent Comments