Saudi Aramco Faces $50M Cyber Extortion After Release of Company Data

This past Wednesday, July 21, 2021, the Saudi Arabian Oil Co., better known as Saudi Aramco, acknowledged that they are now a victim of a cyber-extortion attempt, involving $50 million ransom demand. 

According to The Arab Weekly, the oil giant said it “became aware of the indirect release of a limited amount of company data, which was held by third-party contactors.”[1]

A page on the Darknet claimed that the extortionist held one terabyte worth of Aramco data. For those unfamiliar with the Darknet, it is “part of the internet hosted within an encrypted network and accessible only through specialized anonymity-providing tools.”[2] The page offered Aramco a chance to have the data deleted for $50 million in cryptocurrency, while another timer counted down from $5 million, likely in an effort to pressure the company.”[3]

Interestingly, the extortion threats against Aramco occurred on the Muslim holiday, Eid ul-Adha, the festival of sacrifice. So, while the Arabian Muslims were commemorating Prophet Ibrahim’s devotion to Allah, and his readiness to sacrifice his son, one of the world’s most valued businesses—with a valuation around $1.8 trillion—became a victim of cyber extortion by one of its third-party contractors, nonetheless.

A Saudi Aramco engineer monitors the central control room of the Khurais oil field, 150 kilometres east-northeast of Riyadh. (AP)

These tactics are all too familiar. Do you recall the ransomware attack on Floridan-based technology company, Kaseya? While the United States was celebrating our nation’s independence, Kaseya faced the largest ransomware attack to date.[4] Whether it is observing a religious holiday or national holiday, these cyber criminals are targeting organizations when they know security measures may be at its weakest.

Fortunately, MDS offers a comprehensive risk assessment, identifying the vulnerabilities in an organization, including upstream and downstream vendors in a supply chain to address these very issues. For more information about our services, you can contact a MDS representative at contactus@mdsny.com or learn more here.

The material and information provided in Maureen Data Systems (“MDS”) Content are for general information only and should not, in any respect, be relied on as professional advice. The MDS Content shall be construed as author-based content and commentary. Accordingly, no warranties or other guarantees are offered as to the quality of the opinions, commentary or anything else appearing in such MDS Content. MDS expressly reserves the right to delete stories at its and their sole discretion.

[1] Saudi Aramco acknowledges faces $50M cyber extortion, The Arab Weekly (Jul. 22, 2021), https://thearabweekly.com/saudi-aramco-acknowledges-facing-50m-cyber-extortion.
[2] Id.
[3] Id.
[4] Pusey, Ashley, Ransomware as a Service: The Service that Indiscriminately Attacks, https://www.mdsny.com/ransomware_as_a_service/.