Advertisement
Advertisement
Computer hackers
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Hackers have increasingly targeted companies with malicious programs that can cripple systems. File photo: Reuters

Hacker who crippled Mexican state-owned oil company’s computers demands US$5 million ransom

  • Hackers have increasingly targeted companies with malicious programs that can cripple systems, removing them only after receiving substantial payments.

The hacker behind a cyberattack that has crippled Petroleos Mexicanos’s computer systems since the weekend is hoping to squeeze almost US$5 million out of the company and appears to have set a deadline of November 30.

Pemex has other ideas, saying it won’t pay the ransom and hopes to solve the cyberattack problem, according to comments made by Mexico energy minister Rocio Nahle on Wednesday.

Those comments were among the latest in an unfolding drama that has pitted the Mexican oil giant against an unknown hacker who uses the name “Joseph Atkins” in an email address – almost surely a pseudonym.

The person also said his group’s hacks weren’t limited to the oil sector and suggested they were responsible for a previous cyberattack on Roadrunner Transportation Systems Inc, which is based in Wisconsin and offers truck freight transport services.

Hong Kong’s smaller companies are not ready to face cybersecurity threats, warns Chubb Insurance

“They did not pay and recovered themselves, and left us GB’s of their data,” the person said in an email to Bloomberg.

The person also confirmed that the group was seeking 565 Bitcoins, which is roughly equivalent to US$4.8 million.

The email address was obtained from a message to a Pemex employee requesting the ransom money, which was viewed by Bloomberg.

The faster you get in contact, the lower price you can expect,” it said.

Pemex declined to comment on whether the hackers imposed a deadline. The company said in a statement earlier this week that operations were normal after it was subjected to cyberattacks November 10 that affected less than 5 per cent of personal computing devices.

Mexican national oil company Pemex will not pay a ransom demanded by suspected cyber attackers who targeted the firm’s computer systems. Photo: Reuters

The cyberattack highlights the growing epidemic of attacks against global companies that turn their own vulnerable IT systems against them – in this case by hijacking data they need to function.

While some companies resist, others quietly pay, often on advice of security experts, fuelling further attacks.

In this case, the hackers have also struck at a potent symbol of Mexican national pride that has fallen on hard times. Pemex, once a driving force of the country’s economic health, faces almost 15 years of output declines and more than US$100 billion of debt, the highest of any oil company.

US sanctions North Korean hackers behind WannaCry, Sony cyberattacks

On Wednesday, some Pemex employees were still locked out of their computers and told not to log on to the company’s Wi-fi network, according to two people familiar with the situation. Pemex personnel have been busy since Tuesday wiping infected computers and installing software patches, said one of the people.

Neither Pemex or Mexican authorities have identified the type of malware used in the attack. However, there are indications that it may be a strain known as DoppelPaymer, according to cybersecurity firm Crowdstrike Inc. The firm first saw DoppelPaymer deployed in June attacks, according to Adam Meyers, the company’s vice-president of intelligence. Crowdstrike had previously connected the Joseph Atkins email to DoppelPaymer attacks.

For more insights into China tech, sign up for our tech newsletters, subscribe to our award-winning Inside China Tech podcast, and download the comprehensive 2019 China Internet Report. Also roam China Tech City, an award-winning interactive digital map at our sister site Abacus.

This article appeared in the South China Morning Post print edition as: Hacker who crippled oil giant’s computers wants nearly US$5m in ransom
Post