Saudi Aramco has acknowledged the hack and the hackers have demanded $50million ransom. The bad actors have threatened to leak data if ransom money demanded in cryptocurrency is not paid.
The oil giant was aware of the recent incidents where a limited amount of company data was with third-party contractors. The company has not revealed the names of the contractor in possession or how the data was leaked.
According to Saudi Aramco, the data released was not due to a breach in the system and it did not impact its operations. The company confirmed it continues to maintain a robust cybersecurity posture.
The bad actors managed to post around 1 terabyte worth of Aramco data on the darknet. They have demanded a ransom of $50 million to delete the data once it is paid in cryptocurrency. The page on the darknet has a countdown timer that showed $5 million, a pressure tactic used by the hackers. It is still not clear who are the hackers behind this attack.
This is not the first time Saudi Aramco has been targeted by hackers. Earlier in 2012 the company had to destroy around 30000 computers and shut down its network. It was hit by the Shamoon virus, it deleted hard drives and displayed a picture of a burning American flag.
This attack was attributed to Iranian hackers by the US, as Iran’s nuclear enrichment program was targeted by the Stuxnet virus. Ironically the Stuxnet virus was created by the US and Israel jointly.
Later in 2017, the oil company was targeted by another virus that disrupted its operations in Sadara. It was a joint venture between Aramco and Dow Chemical Co.