Saudi Aramco Faces $50m Ransom Demand

National oil firm Saudi Aramco has confirmed that company files  have been leaked after hackers reportedly demanded a $50 million ransom from the world’s largest oil producer. Sources are reporting that that 1 TB of Aramco company data had been captured by cyber criminals, who are demanding $50 million in crypto currency to restore the data.

The global oil and gas industry has long been criticised for failing to invest in cyber security although Aramco has strengthened its cyber security since first being hit by the Shamoon virus in 2012, which resulted in the destruction of 30,000 of its computers. The source of the 2012 attack aimed to disrupt production from the world’s largest exporter of crude has never been identified.

The giant Saudi Arabian energy company has not said how the attack took place, whether its supply chain contractors had been hacked or if the files were leaked in some other way. "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said. It isn’t clear whether Saudi Aramco or its contractors heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.

The global energy industry has seen a major peak up in cyber attacks with Colonial Pipeline hack becoming the most visible recent example. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to sources. 

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyber-attacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. 

Energy companies including electric utilities, power-grid operators and pipeline operators have warned that cyber attacks are becoming more and more prevalent

AlJazeera:      Bloomberg:        BBC:         Argus Media:      Techradar:       Silicon:        Business Live

You Might Also Read:

Critical Infrastructure And Cyber Security:

 

« Twitter Celebrity Hack Suspect Arrested
2021 Global Cyber Security Event »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Aiuken Cybersecurity

Aiuken Cybersecurity

Aiuken is an international IT Security company, focused on communications and IT technologies, specialised in Security and Cloud Services solutions with high added value.

Eskive

Eskive

Eskive is a Brazilian cyber security awareness and education platform that empowers users and strengthens their company in the face of cyber threats.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

IT-Seal

IT-Seal

IT-Seal GmbH specializes in sustainable security culture and awareness training.

evolutionQ

evolutionQ

evolutionQ delivers quantum-risk management strategies and robust cybersecurity tools designed to be safe in an era with quantum computing technologies.

Ostra Cybersecurity

Ostra Cybersecurity

As a next-generation MSSP, Ostra Cybersecurity combines best-in-class tools, proprietary technology and exceptional talent to deliver Fortune 100-level protection for businesses of all sizes.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

Sublime Security

Sublime Security

Sublime is an adaptive email security platform that combines best-in-class effectiveness with unprecedented visibility and control.