
Saudi Aramco magnate of some of the world’s costliest hacks

posted on July 22, 2021

Saudi Arabian energy giant Saudi Aramco has confirmed that it is facing a $50m ransom demand from hackers who have stolen some proprietary data.

“Aramco recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors,” the world’s most-valuable oil producer said Wednesday in a statement.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture.”

The Associated Press (AP), citing a page on the darknet, reported that one terabyte, or 1,000 gigabytes, of Aramco's data was being held by extortionists. The darknet is a part of the internet within an encrypted network which is accessible only through specialised anonymity-providing tools.

The black hat hackers demanded that the Saudi oil corporation pay $50 million in cryptocurrency to get the data removed or deleted.

The Middle Eastern energy company has been criticised for the vulnerability of its infrastructure, and has been the target of cyber attacks in the past. 

In 2012, the kingdom's cash cow found itself hit by a variant of a notorious destructive computer virus known as Shamoon, which deleted hard drives. The attack forced Aramco to shut down its network and destroy over 30,000 computers.

In 2016, Saudi media reported that cyber attacks had targeted several state institutions, as well as other vital structures. 

In 2017, another virus swept across the oil-rich kingdom and disrupted computers at Sadara, a joint venture between Aramco and Michigan-based Dow Chemical Co. Officials at the time warned it could be another version of Shamoon.

According to experts, the oil and gas industry, which includes companies that own wells, pipelines and refineries, has failed to invest in cyber-security over the years. 

The Colonial Pipeline in the U.S., which stretches from Texas to New Jersey, has been the most recent victim of a cybersecurity compromise.

In May 2021, the American energy company suffered a ransomware attack that forced it to shut down its entire fuel distribution pipeline, causing major disruptions to gas delivery up and down the U.S. East Coast.

The pipeline transports 100 million gallons of fuel per day, extends across 14 states and directly services seven airports. Colonial Pipeline’s CEO told a Senate committee the company paid the $5 million ransom.

It was the largest cyberattack on an oil infrastructure target in the history of the United States. 
