Saudi Aramco Faces $50m Ransom Demand

National oil firm Saudi Aramco has confirmed that company files  have been leaked after hackers reportedly demanded a $50 million ransom from the world’s largest oil producer. Sources are reporting that that 1 TB of Aramco company data had been captured by cyber criminals, who are demanding $50 million in crypto currency to restore the data.

The global oil and gas industry has long been criticised for failing to invest in cyber security although Aramco has strengthened its cyber security since first being hit by the Shamoon virus in 2012, which resulted in the destruction of 30,000 of its computers. The source of the 2012 attack aimed to disrupt production from the world’s largest exporter of crude has never been identified.

The giant Saudi Arabian energy company has not said how the attack took place, whether its supply chain contractors had been hacked or if the files were leaked in some other way. "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said. It isn’t clear whether Saudi Aramco or its contractors heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.

The global energy industry has seen a major peak up in cyber attacks with Colonial Pipeline hack becoming the most visible recent example. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to sources. 

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyber-attacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection LLC, has warned regulators that it’s facing increasing attacks. 

Energy companies including electric utilities, power-grid operators and pipeline operators have warned that cyber attacks are becoming more and more prevalent

AlJazeera:      Bloomberg:        BBC:         Argus Media:      Techradar:       Silicon:        Business Live

You Might Also Read:

Critical Infrastructure And Cyber Security:

 

« Twitter Celebrity Hack Suspect Arrested
2021 Global Cyber Security Event »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ITpreneurs

ITpreneurs

ITpreneurs provides IT training content, Instructors, Learning Infrastructure and services to IT Training providers.

Opengear

Opengear

Opengear ensures network resilience to enterprises by enabling business continuity with the Network Resilience Platform.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

WebSec

WebSec

WebSec is a cybersecurity firm based in Amsterdam (NL) and Wyoming (US), specializing in offensive security services including penetration testing, red teaming, and tailored security assessments.

ConnectWise

ConnectWise

The Unified ConnectWise Platform offers intelligent software and expert services to easily run your business, deliver your services, secure your clients, and build your staff.

ChaosSearch

ChaosSearch

ChaosSearch is a massively scalable ELK-compatible log analysis platform delivered as a fully managed service with high-performance and low cost.

North West Cyber Resilience Centre (NWCRC)

North West Cyber Resilience Centre (NWCRC)

The North West Cyber Resilience Centre is a trusted, not-for-profit venture between Greater Manchester Police and Manchester Digital.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

Quantum Bridge

Quantum Bridge

Our unbreakable key distribution technology ensures the highest level of protection for your critical infrastructure and sensitive data in an evolving digital landscape.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.