Pemex Suffers Cyberattack, Hackers Demand Ransom of Nearly $5 Million
Mexico’s state-owned oil company is facing a cyber attack that is believed to have targeted its billing systems, according to media reports. The hackers claiming responsibility for the attack are demanding that Pemex pay 565 bitcoins, or the equivalent of about $5 million.
Pemex discovered the ransomware attack over the weekend at its headquarters in Mexico City, which prompted it to shut down computer networks across the country. Systems most affected involved those used to issue payments to employees and suppliers.
The attack has forced the integrated oil company to revert to manual invoicing for its fuel deliveries from storage terminals to gasoline stations. Reports also say that Pemex employees, from its upstream units to its downstream units, continue to be unable to access email, company networks, or telephone lines. Some business units are apparently unable to access the internet as well.
The ripple effect of the payment disruption could extend beyond retail fuel and impact global trading companies and service firms. Pemex is attempting to recover by wiping infected computers and installing software patches.
A screen shot of the apparent ransom note written by the hackers behind the recent Pemex cyberattack.
Reuters is among those that have seen the ransom note. When the news agency emailed the apparent hackers, the response was that Pemex had already missed the first deadline to pay a discounted ransom. The company has until 30 November to pay the bitcoin ransom.
Pemex issued a statement this week saying that it will not pay the ransom. In a statement, the company said its wells and plants continue to operate as normal and that fuel supplies are “guaranteed.”
Pemex also said that it quickly “neutralized” the attack and contained it to less than 5% of its personal computers. “The oil community and society are invited to avoid rumors that damage the image of the company,” the statement read.
The cyber attackers used a well-documented malware, according to the cybersecurity firm Crowdstrike. The malware has been used previously to attack the networks of a small south Texas city and Chile’s Ministry of Agriculture.
Ransomware attacks are among the most common and involve locking individual users or an entire company out of key systems until a sum of money is paid to the infiltrator. In many cases, if a deadline is not met, users are locked out indefinitely or have their files deleted. The oil and gas industry is among the most targeted businesses in the world by both individual hackers and state-sponsored hacking groups.
Pemex Suffers Cyberattack, Hackers Demand Ransom of Nearly $5 Million
14 November 2019
BHA Behavior-Prediction Model Offers Potential for Automated Analysis
A new 3D drillstring model determines the static and dynamic behavior of bottomhole assemblies (BHAs) in realistic wellbores.
Digital Twins Mature in the North Sea
A proving ground for the use of digital twins has emerged in the North Sea. There, operators Total, Aker BP, and Shell have each developed and deployed twins that they expect to pay big dividends.
Value of ROV Data Extends to Decommissioning Strategy
The complete paper describes the potential global scientific value of video and other data collected by ROVs.
No editorial available
ADVERTISEMENT
STAY CONNECTED
Don't miss out on the latest technology delivered to your email weekly. Sign up for the JPT newsletter. If you are not logged in, you will receive a confirmation email that you will need to click on to confirm you want to receive the newsletter.
ADVERTISEMENT
No editorial available
ADVERTISEMENT
ADVERTISEMENT