Hackers allegedly breached Saudi Aramco again

Saudi Aramco, the national oil company of Saudi Arabia and the biggest oil company in the world, has issued a statement announcing that it has restored all its main internal network services that were impacted in a recent cyber attack which affected about 30,000 workstations – a number that corresponds with that shared by the Cutting Sword of Justice, the hacker group that took credit for the breach.

The company’s primary enterprise systems of hydrocarbon exploration and production were unaffected as they operate on isolated network systems, the statement confirmed. The production plants were also fully operational.

“We addressed the threat immediately, and our precautionary procedures, which have been in place to counter such threats, and our multiple protective systems, have helped to mitigate these deplorable cyber threats from spiraling,” said Khalid A. Al-Falih, president and CEO of Saudi Aramco.

Published on Sunday, the statement doesn’t contain any mention about further attacks by the hacker collective, despite one being announced and scheduled for the day before.

But the group didn’t remain silent.

“We think it’s funny and weird that there are no news coming out from Saudi Aramco regarding Saturday’s night, they said in a new Pastebin post. “Well, we expect that but just to make it more clear and prove that we’re done with we promised, just read the following facts -valuable ones- about the company’s systems.”

The post included the email and password of Khalid A. Al-Falih; information and access credentials of the company’s core, backup and middle routers; and the security appliances used by the company and the fact that they all still have default passwords.

If the leaked information is legitimate, the situation doesn’t bode well for the company, as the hackers announced one last paste, and who knows what information will be revealed in it.