18 comments

[ 3.2 ms ] story [ 54.9 ms ] thread
I think Saudi Aramco was hacked a few years back too.

Having worked at a major oil company, it doesn’t surprise me that these things happen. It’s not that anybody is particularly unintelligent, moreso that large sometimes sleepy companies have lots of vulnerable points in IT.

I’m sure the same could be said for a host of other corporations, tech, finance, and defense aside.

The Aramco hack is discussed in Paul's Security Weekly episode 498:

https://wiki.securityweekly.com/Episode498

Why do these companies not have dedicated red teams?
Because if you don't know tech, you can't hire for tech. Or won't, because "it's just a cost" (see: Sony).

And if the person you've hired to manage the tech doesn't really know tech...you get this.

They probably do, still vulnerable
When life imitates art. Wasn't this literally the plot to the Hackers movie? Complete with the 5 million dollar ransom to an oil company...
> Wasn't this literally the plot to the Hackers movie?

Except it was an inside job.

Who says this isn’t? Maybe someone should hack the Gibson and find out?
In that movie the villain was also the tech-guru for the security company selling to the energy company.

Only Zero Cool can save us from The Plague! Hack the planet!!!

Daily reminder you need isolated, tested back-ups! Sure, you might not be able to recover all data but having no back-ups versus losing data in an x timeframe makes a big difference.
Potential new revenue source for the cartels.
Hacking or running an oil company?

(both are basically black hat enterprises these days)

(comment deleted)