Blog Writing

Cyber Attacks on Oil and Gas Are Not New

If you are like me, the attack on the pipeline that caused so much havoc in the Eastern U.S. came as a complete surprise. What I did not know was that this is nothing new. Saudi Aramco has gone through this at least several times that we know of. Check out this interesting read from SHALE Magazine: https://shalemag.com/hackers-price-aramcos-data-at-50-million-on-the-darkweb/

Saudi Aramco, the oil mogul of Saudi Arabia, confirmed the high probability that one of its contractors was responsible for leaking company data-centered in a cyber-extortion plot involving a hefty $50 million ransom. Keeping the contractor’s name private for now, the company informed the Associated Press they recently identified a limited quantity of data held by contractors and released without permission. Saudi Aramco has also maintained a level of secrecy regarding the incident and has not revealed if the source of compromise resulted from hacking.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture,” said Aramco.

Threat Identified

Taking credit for the attack, ZeroX claims to have hacked and stolen data from Aramco’s network and its servers. Offering the sale of the information on the Darknet, the threat group, as well as Aramco, told BleepingComputer the attack was not of a ransomware nature.

The $50 million prospective data sale includes valuable information associated with Aramco’s refineries, personal information pertaining to approximately 14,000 employees, system specifications, price sheets, and internal analysis information. Additionally, IP address security has been compromised along with crucial Wi-Fi data. ZeroX informed BleepingComputer the group is currently in negotiations to sell the data to five potential buyers.

Prior Attacks

Saudi Aramco is no stranger to cyber threats and attacks. The infamous 2012 Shamoon malware attack proved staggering in effect and contaminated every computer found at the oil company. Hard drives were deleted, and the finishing touch included the burning of the American flag on computer screens. As a result, the company was forced to destroy over 30,000 computers and shut down its network. 

A joint venture, known as Sadara, between Aramco and Michigan-centered Dow Chemical Company found itself under attack in 2017. Computers were disrupted, which officials at the time predicted as another version of Shamoon. Lastly, 2018 brought havoc again when a Shamoon malware variant once again entered the arena. 

Remaining on Top

Much can be said involving Aramco’s business model after surviving the string of cyberattacks and yet still steaming ahead. Even with this latest attack, Aramco still reigns as a significant player in the global oil market. After trading ceased for Eid al-Adha, a Muslim holiday, the portion of Aramco that trades on Riyadh’s Tadawul stock exchange found itself at $9.30 a share. While that might sound subpar, the company is stickered with a value of $1.8 trillion, solidifying it as one of the most valued in the world.

Nick Vaccaro is a freelance writer and photographer. Besides providing technical writing services, he is an HSE consultant in the oil and gas industry with eight years of experience. He also contributes to Louisiana Sportsman Magazine and follows and photographs American Kennel Club field and herding trials. Nick has a BA in Photojournalism from Loyola University and resides in the New Orleans area. 210-240-7188 Nick@shalemag.com