Saudi Aramco is currently attributing the theft of its data to a contractor. The hacker gained access to the refinery location and confidential customer and employee data.

Saudi Aramco, one of the world's largest oil producers, recently reported that a hacker is demanding a payment of USD 50 million in Monero (XMR) to give back the stolen files. The sum equals approximately 250 thousand XMR. This cryptocurrency allows private, untraceable transactions.

The Financial Times reported this in today's edition, July 22, 2021. The outlet highlights the hydrocarbon company's confirmation that some of its files were leaked through a contractor, which came right after a cyber extortionist claimed to have seized its data last month and asked for at least $50 million ransom in Monero.

According to the newspaper, Saudi Aramco said it had recently learned to handle the situation, which compromises a limited amount of data under contractors’ control. However, the company did not reveal the contractor’s name and did not specify how the data got involved in this situation.

According to the British newspaper, Saudi Aramco made the statement right after a hacker claimed, on the dark web, that he had stolen one terabyte of data from the oil company.

The hacker indicated that he acquired vital data regarding the location of the "black gold" refineries, as well as payroll files and confidential data of the company's customers and employees.

Subsequently, the hacker promised to delete the data from the dark web if, in return, Saudi Aramco paid him a ransom of around $50 million in the cryptocurrency Monero.

It Does Not Seem to Be a Ransomware Attack

Cyber investigators noted that the perpetrator of the attack on Saudi Aramco remains unknown. However, they indicated that this act does not appear to be part of a ransomware attack. Ransomware is an attack that uses malicious software (malware) to seize the data of a user or computer system and release it only after payment of a ransom.

The hacker has also not mentioned being part of any known or unknown ransomware gang. The hacker might have seized a copy of the data without applying any malware and re-created profiles on the dark web to report their activities.

The US Oil Industry Also Faced Various Cyberattacks Recently

The oil industry has faced similar attacks before. On May 7, 2021, a cyberattack hit a US pipeline in Texas. As a result, there was a fuel shortage along the entire east coast of the country, and the security vulnerabilities of energy companies were fully exposed.

According to the data from the ransomware platform, since July 2021, ransomware losses have surpassed 60,000 bitcoins. One dangerous feature of a ransomware attack is that it can target both companies and individuals, although the latter is usually less frequent.

By: Jenson Nuñez
