Saudi Aramco confirms data leak after reported cyber ransom

Aramco said the release of data was not due to a breach of its systems and that its cyber security remains robust. PHOTO: REUTERS

RIYADH (BLOOMBERG) - Saudi Aramco confirmed that some company files were leaked after hackers reportedly demanded a US$50 million (S$68 million) ransom from the world's most-valuable oil producer.

"Aramco recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors," the Middle Eastern oil major said on Wednesday (July 21) in an email.

"We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture."

The Associated Press reported earlier that one terabyte of Saudi Arabian Oil data had been held by an extortionist, citing a web page it had accessed on the darknet.

The state-owned driller was offered the chance to have the data deleted for US$50 million in cryptocurrency, the AP said.

The global energy industry has seen a ramp up in cyber attacks with Colonial Pipeline becoming the most visible of late. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to consultants.

In 2012, Saudi Arabia blamed unidentified people based outside the kingdom for a hack against the oil giant that aimed to disrupt production from the world's largest exporter of crude.

The so-called "spear-phishing" assault destroyed more than 30,000 computers within hours. A spokesman for the Interior Ministry declined at the time to identify any of the "several foreign countries" from which the attack originated.

The Middle East has previously been a magnet for some of the world's costliest hacks, PricewaterhouseCoopers said in a 2016 report.

Energy companies from electric utilities, to power-grid operators to pipeline operators have warned that cyberattacks are becoming more and more prevalent. The largest US power grid operator, PJM Interconnection, has warned regulators that it's facing increasing attacks.

Join ST's Telegram channel and get the latest breaking news delivered to you.