Business / Saudi Aramco confirms data leak, hacker reportedly demands $50 mn

Zoom News : Jul 23, 2021, 01:08 PM
Dubai: Saudi Aramco, the state oil giant of Saudi Arabia, on July 21 acknowledged that one of its contractors has received a cyber-extortion ransom demand of $50 million. The extortionists have threatened to leak data from company files if the ransom is not paid in cryptocurrency.

The oil giant recently became aware of the indirect release of a limited amount of company data held by third-party contractors, news agency Associated Press reported. The company, however, did not reveal which contractor was being threatened or how the information was leaked.

In its statement, Saudi Aramco said the data released was not due to a breach of systems and there has been no impact on operations. “The company continues to maintain a robust cybersecurity posture,” it added.

Associated Press reportedly accessed a page on the darknet where the extortionist holds 1 terabyte (TB) worth of Aramco data and has offered to delete the data once $50 million has been paid in cryptocurrency. A countdown timer showed $5 million which could be an attempt to pressurise the oil giant.

The face or name behind this extortion remains unclear.

Earlier cyberattacks on Saudi Aramco

In 2012, Saudi Aramco was targeted by the Shamoon virus that deleted hard drives and displayed a picture of a burning American flag on computer screens. The oil-producing company had to destroy 30,000 computers and shut down its network.

The US pinned the blame on Iran as the latter’s nuclear enrichment programme was targeted by Stuxnet virus. The Stuxnet virus was allegedly created by the US and Israel jointly.

In 2017, another virus targeted and disrupted the company’s computers at Sadara, a joint venture between Aramco and Dow Chemical Co. Officials at the time warned it could be another version of Shamoon.