snatch attacks Oil India Limited
Oil India Limited Faces Ransomware Attack
Oil India Limited (OIL), a state-run oil company in India, was recently targeted by a ransomware group identified as Snatch. The cyberattack, which took place on April 10, 2022, compromised the company's network, server, and client PCs, leading to a significant network outage. The attackers demanded a ransom of 750,000 USD (approximately Rs 57 crore) in Bitcoin.
The cyberattack, centered on OIL's headquarters in Duliajan, Assam, has been described by OIL spokesperson Tridiv Hazarika as the "biggest cyberattack in recent years." Despite the attack, the company's core operations, including drilling and production, remained unaffected. However, the disruption of business transactions resulted in considerable financial losses.
The perpetrators executed the attack using Russian malware, which was deployed from a server located in Nigeria. OIL has taken legal action by lodging an FIR with the Duliajan Police Station, invoking various sections of the Information Technology Act and Section 385 of the Indian Penal Code, which pertains to extortion.
OIL plays a crucial role in the Energy, Utilities & Waste sector, focusing on the exploration, development, and production of crude oil and natural gas. The company emphasizes operating in an efficient, safe, and environmentally responsible manner, as stated on its website.
This incident underscores the heightened vulnerabilities faced by entities in the energy sector to cyber threats. With an increasing reliance on digital technologies, the sector is more exposed to cyberattacks that can disrupt operations and inflict significant financial damages.
In the aftermath of the attack, OIL has initiated measures to recover its systems and enhance its cybersecurity posture. The company is collaborating with external cybersecurity experts and has reported the incident to law enforcement authorities.
The attack on OIL serves as a critical reminder for companies, particularly those within the energy sector, to prioritize cybersecurity. Implementing comprehensive and robust cybersecurity measures is essential to safeguard against ransomware attacks and other cyber threats.
Sources
- Oil India Limited | Govt. of India Enterprise | Oil Company in India
- 'Biggest cyberattack in recent years' hits Oil India HQ, hackers demand Rs 60 crore in Bitcoin
- Covid vaccine study to Oil India: Targets under cyber attack
- Russian Malware Used For Oil India Cyber Attack: Report
- Assam: Cyberattack in Oil India's headquarters, attackers demand over Rs 57 crore as ransom
- Oil India cyber attack: Russian malware planted from Nigeria
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!