Saudi Aramco

Saudi Aramco confirms data leak, hackers demanded $50M ransom

Saudi Aramco
Source: Warta Ekonomi

Saudi Arabian Oil Company, popularly known as Saudi Aramco is a Saudi Arabian public petroleum and natural gas company. It is the world’s most valuable oil producer and recently, on Wednesday, the company confirmed that some of its confidential company files have been leaked on the dark web through a third-party contractor.

The news came after the hacker or more precisely, the ‘cyber extortionist’ claimed to have obtained the leaked company data last month and has demanded a ransom of USD 50 million from the company with one specific detail that the ransom should be paid in cryptocurrency only. Why is that, you ask?

Well, that is because cryptocurrency operates on blockchain technology which is extremely difficult to trace.

As mentioned in a report by Bloomberg Quint, Saudi Aramco issued a statement saying that the company recently became aware of the indirect release of company data. He added that it is only a limited amount of company data that is being held by the cyber extortionist or as they quoted, “third-party contractors”. According to a report by ARS Technica, the oil producer did not mention the name of the supplier or explain how the company files got compromised in the first place.

The hacker or plural claimed to have access to over 1 terabyte of Saudi Aramco’s company files, according to a report by Financial Times. The cyber extortionist mentions in a statement that he obtained confidential company information on the location of il refineries, confidential employee data, confidential client data, and payroll files.

After the claim, the oil producer issued another statement confirming that the release of data on the dark web is not due to a breach of the company’s security systems. The company affirms that the data has no impact on Aramco’s operations and that the company will continue to operate as before while maintaining a robust cybersecurity posture, as mentioned in a report by ARS Technica.

In another post by the cyber extortionist, he offers to delete the company data in return for USD 50 million ransom paid in cryptocurrency which, as mentioned earlier, is difficult for the authorities to trace. Reports suggest that the perpetrator also offered buyers to purchase the confidential company data for about USD 5 million.

Anyhow, after the hack of the colonial pipeline in the United States earlier this year, the security vulnerabilities of energy companies have increased significantly. Saudi Aramco’s facilities have reportedly been attacked in the past as well. The attacks mentioned were both physical and cyber-attacks, according to reports.

Saudi Aramco’s newly opened Jazan facility has also been subjected to cyberattacks and physical missile and drone strikes in the past and the attacks have been claimed by Houthi rebels in Yemen.


Credits: The Financial Times Ltd.