Saudi Aramco confirms data breach following demand for $50m cyber ransom
Says attack wasn’t a typical ransomware campaign
Saudi Aramco has admitted to indirectly leaking sizable amounts of data pilfered from one of its third-party contractors in a cyberattack, which surprisingly doesn’t appear to involve the use of malware like ransomware.
In an emailed statement to the Financial Times, the world’s largest oil producer confirmed a breach had occured earlier this week, but added the incident did not originate on its computers, and has had no impact on their operations.
The statement comes after cybersecurity experts noticed a dark web post claiming to offer one terabyte of Saudi Aramco data. The poster reportedly claimed to possess information on the location of oil refineries, as well as payroll files and confidential client and employee data.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
- These are the best ransomware protection tools
- We've put together a list of the best endpoint protection software
- Here's our choice of the best malware removal software on the market
Interestingly, while it is currently unclear who was behind the leak, according to reports, the attack on the unidentified contractor doesn’t appear to be part of a typical ransomware campaign.
Smash and grab
Experts noted that the seller who posted the exfiltrated data on the dark web did not mention affiliation with any ransomware operator, even as they demanded $50 million in cryptocurrency to delete the data.
Security experts have foretold of an increase in cyberattacks on critical utilities and infrastructure following the successful campaign against the US-based Colonial Pipeline, prompting the country to spend billions to revitalize its security initiatives.
It isn’t clear whether Saudi Aramco or its contractor heeded the extortion demands, but since there’s no indication of any data being encrypted in the attack, the primary concern would have been to keep the information away from its competitors.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
- Protect your devices with these best antivirus software
Via Financial Times
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.