Posted On 10 Aug 2021

Aramco Held to Ransom
The largest oil producer in the world, Saudi Aramco has revealed that it has been subject to a ransom demand of $50 million from criminals claiming to have access to data files leaked through a third-party contractor. The company was keen to emphasize that its own systems were not breached and that its operations had not been affected.
Statements on the dark web from the hacker claim they were in possession of 1 TB of company data which included oil refinery locations and privileged employee and client information. The hacker demanded $50 million from the company, while at the same time offering to sell the data to others for $5 million.
This is not the first time that the company has been subject to cyberattack, and other oil companies have also experienced similar threats. Earlier in 2021 the Colonial Pipeline hack in the USA led to fuel shortages on the east coast. With Aramco supplying 10% of the world’s crude oil, security breaches have far-reaching implications for the global economy.

Router Attack Danger
French authorities have warned that hackers sponsored by the Chinese state are making sustained efforts to compromise commercial and home routers. Hacking groups linked to the Chinese government such as Panda, Zirconium, and APT31, which have a long history of attempting to hack state, financial, and military servers, have launched attacks against routers on an enormous scale. The authorities believe that the hackers’ intention is to employ a network of domestic routers as relay stations for reconnaissance and attacks.
French authorities have issued an advisory which provides guidance on how to check whether a router has been compromised by hackers. The guidance includes 161 IP addresses linked to the hack, which are spread across the globe.
Hackers frequently target routers used by small businesses and domestic users for a number of purposes, principally as cover for malicious attacks that cannot be traced. It is advised that anyone concerned that their router may be compromised should restart their device from time to time, because the majority of malware cannot cope with this. Users should also turn off remote administration, check that no configurations have been altered, and ensure their device has the most up-to-date firmware available.