Aramco target of ransomware attack: press
Saudi Aramco confirmed to the Associated Press that it is the target of a $50mn ransomware attack, the news agency reported July 21.
The Saudi Arabian Oil Co told the news service that its data was accessed and it was the target of a “cyber-extortion” campaign. The company said it "recently became aware of the indirect release of a limited amount of company data, which was held by third-party contractors.”
The Associated Press said it was able to access a webpage on the so-called darknet, an anonymous and heavily-encrypted network, that shows the perpetrators of the cyberattack were holding 1 terabyte (1,000 gigabytes) worth of Aramco data that would be deleted in exchange for $50mn in cryptocurrency.
“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” the company said.
Cybersecurity issues are emerging as a viable threat to national infrastructure. The Colonial fuels pipeline, a US network that supplies half of the East Coast demand for refined petroleum products, was idled in May by a ransomware attack launched by Russian hackers.
Part of the pipeline company’s recovery operations included payment in cryptocurrency, which was later recovered by the federal government.
This week, the US Department of Homeland Security issued mandates for pipeline owners and operators that call for mitigation measures against cybersecurity threats, the development of recovery plans and the performance of regular cybersecurity reviews.
In the House of Representatives, the lower chamber of the US Congress, lawmakers followed suit by passing resolutions that would bolster cybersecurity protections for the energy sector even further.