Saudi Aramco confirms data leak after $50m cyber ransom demand

Saudi Aramco, the world’s largest oil producer, claimed on Wednesday that cybercriminals had seized hordes of data last month and demanded a ransom of $ 50 million from the company, after which some of the company’s files were contractors. I confirmed that it was leaked through.

“We recently noticed the indirect disclosure of a limited amount of corporate data held by third-party contractors,” Aramco said in a statement. The oil company did not appoint a supplier or explain how the data was compromised.

“We have confirmed that the disclosure of data is not due to a system breach and does not affect operations. The company remains robust. Cyber ​​security “Posture,” Aramco added.

According to a June 23 post by the Financial Times, the statement came after a hacker claimed to have stolen a terabyte of Aramco’s data on the dark web. Hackers said they had obtained information about the location of the oil refinery, payroll files, and sensitive client and employee data.

In another post, if Aramco paid $ 50 million in the niche cryptocurrency Monero, the perpetrators suggested deleting the data. This is especially difficult for authorities to track. This post also provided future buyers with the opportunity to purchase data for about $ 5 million.

Oil giants have the ability to pump one or more oil for every 10 barrels of crude oil in the global market, and their security and facility threats are carefully monitored by oil traders and policy makers.

Security vulnerabilities in energy companies and pipelines in particular are declining In the limelight Recently, after a colonial pipeline was hacked in the United States earlier this year, there was a shortage of fuel across the country’s east coast.

It was unknown who was behind the Aramco case. Cyber ​​researchers pointed out that the attack did not appear to be part of a ransomware campaign, where hackers used malware to seize user data and computer systems and release them only after the ransom was paid. Also, hackers do not claim to be part of a known ransomware gang.

Instead, the hacker seems to have set up a dark web profile to seize a copy of the data without using malware and telegram its activity.

Saudi Aramco’s facilities have been targeted by both physical and cyber attacks in the past.

In 2019, the Buqayq processing facility in the eastern part of the country suffered a series of damage as it prepared most of the Kingdom’s crude oil for export. Missile and drone strike The United States has accused Iran.Global oil prices soared until Saudi Arabia was created Reassure the market Still, we can export enough oil to maintain a sufficient supply to our customers.

In 2012, Iran was also blamed for alleged cyberattacks on Saudi Aramco. Cybersecurity experts say this is probably retaliation for Stuxnet’s attack on Iran’s nuclear program, which is widely attributed to the United States and Israel.

According to the 2012 attack, about three-quarters of the data on Aramco’s computer was erased. Report At that time, it contained files, spreadsheets, emails, and so on. They have been replaced with images of the burning US flag.

The Saudi Aramco refinery, including the newly opened Jazan facility, is also shown in the screenshot of the allegedly leaked data. Became a target Physical attacks from both drone and missile attacks alleged by Iran-backed Houthi rebels in Yemen. The Jazan Refinery is located in the southwestern part of the Red Sea in Saudi Arabia, not far from the Yemeni border.

Twice a week newsletter

Energy is an indispensable business in the world, and the source of energy is its newsletter. Every Tuesday and Thursday, directly in your inbox, Energy Source provides important news, advanced analytics, and insider intelligence. Sign up here..

Saudi Aramco confirms data leak after $50m cyber ransom demand Source link Saudi Aramco confirms data leak after $50m cyber ransom demand

Source link

Leave a Comment