Saudi Aramco has publicly confirmed that they were the target of a data breach and that the hackers are leveraging that data for a $50,000,000 ransom:
The data breach first became public knowledge when hackers on the dark web posted that they were in possession of 1 terabyte of Aramco data on June 23, 2021.
The hackers claimed they had access to a wide range of confidential company data. This data includes locations of oil refineries, payroll information from employees, and even confidential client and employee data.
CHECK OUT: 10 Most Valuable Companies In The World
Who Are Saudi Aramco?
Saudi Aramco is a public oil and natural gas company based in the Kingdom of Saudi Arabia. It is one of the largest daily oil producers in the world.
Aramco has a market capitalization of $2 Trillion, which makes it one of the most valuable companies in the world.
Founded in 1933, with the help of American-based oil company Chevron. Aramco singlehandedly launched the Kingdom of Saudi Arabia from being a barren desert into one of the few modern developed nations in the Middle East.
Frequent Cyber-Attack Targets
It may come as no surprise that Aramco is very closely tied with the government in Riyadh. So, it is quite frequently a target of both nation-state actors and small-scale hackers.
In fact, this is not the first time Aramco has been a target of a cyber-attack. In 2009, Aramco was hit with a lethal malware attack that researchers would later call the Shammon Virus.
When Shammon hit Aramco’s network, it affected almost 35,000 computers within a matter of hours. Many of these computers were partially or totally wiped. It got so bad that Aramco’s whole supply chain network went down. Line and lines of trucks were being turned away as no one knew how to pay them or where to direct them.
The Shammon virus would later be attributed to Iranian hackers.
Since finding attribution to a computer hack is almost impossible, no nation-state was blamed publicly. But most cybersecurity experts believed that these Iranian hackers were connected to the Iranian revolutionary guard.
The Ransom Attack
The current hack seems to be motivated differently. While Shammon Virus had the explicit purpose of causing massive destruction and disruption. The current hackers seem to be more interested in money.
This makes it more likely that the cyber attack is by non-state actors. But cybersecurity experts are not sure about that either, as state actors like North Korea are known for doing cyber-attacks purely for monetary gains.
Saudi Aramco has corroborated the hacker’s claims, by admitting they were hacked, and data was leaked. The hackers have said that they promise to delete the data if they are paid.
According to Aramco, the data leak was because of a third-party contractor working with them. But the firm has reassured everyone that systems are secure. Even though Aramco has been light on the details, they put out the following statement
“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture” – Saudi Aramco Spokesperson via BBC.com