Hackers reportedly demand $50m from oil giant

The world’s most valuable oil producer Saudi Aramco has confirmed to the BBC that company data has leaked from one of its contractors.a man riding on the back of a bicycle

The files are now reportedly being used in an attempt to extort $50m (£36.5m) from the company.

The global oil and gas industry has long been criticised for failing to invest in cyber security.

In May, the Colonial Pipeline in the US was hit by a ransomware cyber-attack.

In an emailed statement, Aramco told the BBC that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.”

The Saudi Arabian energy giant did not say which contractor was affected nor whether the contractor had been hacked or if the files was leaked in some other way.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” the firm said.

According the Associated Press (AP), one terabyte, or 1,000 gigabytes, of Aramco’s data was being held by extortionists, citing a page on the darknet – a part of the internet within an encrypted network which is accessible only through specialised anonymity-providing tools.

The AP report said the page offered to delete the data in exchange for $50m in cryptocurrency, although it is unclear who is behind the ransom plot.

Aramco did not immediately respond to a BBC request for clarification over the AP report that the company was the target of a $50m extortion attempt.

The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has failed to invest in cyber-security over the years, according to experts.

This is not the first time Aramco has been the target of a data-related attack. In 2012, the company’s computer network was hit by the so called Shamoon virus.

The cyber-attack this year on the Colonia pipeline in the US further highlighted the vulnerabilities of the energy industry’s computer systems.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s