Saudi Aramco faces $50M ransom in cyber extortion over leaked data

Saudi Arabia’s state oil giant and world’s key oil producer Aramco on Wednesday confirmed reports of data leak as hackers demanded a $50m ransom in cyber-extortion, which the oil firm speculated came from one of Aramco’s own contractors. In a statement to The Associated Press on July 21, Saudi Arabian Oil Co. said that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.” 

$50 million ransom in cyber-extortion case

It further confirmed, that “the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture.” The Saudi-based oil firm was, however, clueless about which of its several contractors were impacted by the leak or whether they had been hacked. 

The extortionist held 1 terabyte [1,000 gigabytes] worth of Aramco data, AP found as it accessed the information on the darknet hosted within an encrypted network, which it said it accessed via “specialized anonymity-providing tools.” The black hat hackers demanded that Saudi oil corporation pays $50 million in cryptocurrency to get the data removed or deleted. This wouldn’t be the first time that Saudi Aramco has been hit by a cyberattack. 

Beginning in 2012,  a variant of a notorious destructive virus known as Shamoon crippled tens of thousands of computers at the world’s largest exporter of crude Aramco as well as RasGas Co Ltd. The cyberattacks continued in late 2016  in the Middle East and were dominant around 2017. The so-called “spear-phishing” displayed a picture of a burning American flag on computer screens that destroyed the oil corporation’s 30,000 systems within a few hours. 

A hack was also planted on Italian oil services firm Saipem wherein more than 300 computers were compromised. US Colonial Pipeline has been the most recent victim of the cybersecurity compromise. But according to a PricewaterhouseCoopers LLP report issued in 2016, the Middle East has been a magnate of some of the world’s costliest hacks. Only last month, Saudi Aramco had inaugurated a hydrogen fuelling station at the new Technology Center in the Dhahran Techno Valley Science Park in Riyadh. The pilot station was designed to fuel a fleet of fuel cell electric vehicles owned by Aramco.