Saudi Aramco, the world’s largest oil producer, confirmed Wednesday that some of its company’s files have been leaked because of a contract, after a cyber extortionist claimed to have seized some of his data on last month and asked the company for a $ 50 million ransom.
Aramco said in a statement that it had “recently become aware of the indirect release of a limited amount of company data that was held by third-party contractors.” The oil company did not call the supplier or explain how the data was compromised.
“We confirm that the release of data is not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust track record. computer security posture, ”Aramco added.
The statement came after a hacker claimed on the dark web that they had stolen 1 terabyte of Aramco data, according to a June 23 post seen by the Financial Times. The hacker said he obtained information about the location of the oil refineries, as well as pay slips and confidential data of customers and employees.
Elsewhere, the perpetrator offered to delete the data himself Aramco has paid $ 50m in a Monero cryptocurrency crisis, which is particularly difficult for tracking authorities. The post also offers prospective buyers the opportunity to purchase the data for about $ 5m.
The oil giant has the capacity to pump more than one in every 10 barrels of crude oil into the global market and any threat to its security or its structure is closely monitored by oil traders and policy makers.
The security vulnerabilities of energy companies and gas pipelines in particular have been reduced under the spotlight shortly after the Colonial Pipeline hijacking in the United States earlier this year led to a shortage of fuel along the east coast of the country.
It was unclear who was behind the Aramco incident. Cybercriminals have noted that the attack did not appear to be part of a ransomware campaign, where hackers use malware to capture user data or computer systems and release it only once the ransom has been paid. Not even the hacker claimed to be part of a known ransomware gang.
Instead, the hacker appeared to have taken a copy of the data without using malware, and created dark web profiles to telegraph its activities.
Saudi Aramco’s facilities have been targeted in the past by physical and cyber attacks.
In 2019 the Abqaiq processing facility in the eastern part of the country, which prepares most of the kingdom’s crude for export, was hit by a series of missile and drone strikes which the US blamed on Iran. World oil prices have risen until Saudi Arabia was able to reassure the markets it could also export enough oil to keep customers well consumed.
In 2012 an alleged cyber attack on Saudi Aramco was also blamed on Iran. Cybersecurity experts said this was probably a revenge for Stuxnet’s attack on Iran’s nuclear program, which has been widely attributed to the United States and Israel.
The 2012 attack erased data on three-quarters of Aramco’s computers, according to him report at the moment, including spreadsheets, spreadsheets and emails. They were replaced with an image of a flaming US flag.
Saudi Aramco refineries, including the newly opened Jazan facility, which was listed in screenshots of the allegedly leaked data, have also been subject to physical attacks by both drones and missiles, which have been claimed by Houthi rebels backed by Iran in Yemen. The Jazan refinery is in southwestern Saudi Arabia on the Red Sea, not far from the Yemen border.
Bulletin twice a week
Energy is the indispensable activity of the world and the Source of energy is its newsletter. Every Tuesday and Thursday, directly at your inbox, Fonte Energetica brings you essential news, advanced analysis and inside intelligence. Sign up here.