Hackers Demand $50 Million from the World's Most Valuable Oil Producer

Saudi Aramco, the world's most valuable oil corporation, has acknowledged that corporate data was stolen by one of its contractors.

Cyber Attack
1,000 gigabytes, of Aramco’s data was being held by extortionists, citing a page on the darknet. Pexels/Tima Miroshnichenk

$50 Million Ransom Demand

In a recently published article in Yahoo News, Saudi Arabia's national oil firm said on Wednesday that one of its contractors was likely responsible for the business's stolen data, which is now being utilized in a cyber-extortion effort including a $50 million ransom demand.

Saudi Arabian Oil Co., or Saudi Aramco, told a media source that it had just learned of the indirect leak of a small quantity of corporate data stored by third-party contractors. However, The oil company did not specify which contractor was impacted, nor did it disclose whether the contractor was hacked or whether the information was stolen in some other manner.

Aramco told BBC News that it "recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors," The oil giant also added, "We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture."

Hackers Held 1,000 Gigabytes of Aramco Data

The Associated Press found a website on the darknet claiming the extortionist had 1 terabyte of Aramco data. The darknet is a portion of the internet housed inside an encrypted network and accessible only via specialized anonymity-providing software. 1,000 gigabytes equals a terabyte.

The website gave Aramco the opportunity to have the data erased for $50 million in bitcoin, with a countdown counting down from $5 million, most likely to put pressure on the business, according to a published article in KLFY. Who is behind the ransom scheme is yet unknown

Aramco has already been the victim of a cyberattack. The so-called Shamoon computer virus, which erased hard drives and then showed an image of a burning American flag on computer displays, struck the kingdom's oil behemoth in 2012. Aramco was compelled to shut down its network and destroy over 30,000 machines as a result of the assault.

Previous Cyber Attack

The previous cyber assault on Aramco was subsequently blamed on Iran, whose nuclear enrichment program had recently been attacked by the Stuxnet virus, which was most likely created by Americans and Israelis.

Another malware struck the Kingdom of Saudi Arabia in 2017, disrupting systems at Sadara, a joint venture between Aramco and Dow Chemical Co. in Michigan. Officials warned at the time that it might be a reincarnation of the previous Shamoon attack.

After trading halted last week for the Muslim holiday of Eid al-Adha, the sliver of Aramco that currently trades openly on Riyadh's Tadawul stock market was at 34.90 riyals per share, or $9.30. This values the business at approximately $1.8 trillion, making it one of the most valuable companies in the world.

Meanwhile, Aramco did not react quickly to a request for comment on the Associated Press story that the firm was the subject of a $50 million extortion attempt. According to analysts, the oil and gas sector, which includes firms that operate wells, pipelines, and refineries, has failed to invest in cyber-security over time.

Tags
Cyber Attack, Data, Saudi
Real Time Analytics