Maze Ransomware Operators Allegedly Targeted Arabian Industries LLC

The oil and gas industry has a widespread and complicated production chain which could be difficult to be protected from devastating cyberattacks. More than 370 United States oil and gas security professionals were surveyed by the Ponemon Institute. According to the survey findings, the industry’s cybersecurity measures are not keeping up with the increasing digitalization of oil and gas operations. Only 35% of those surveyed rated their organization’s OT cyber readiness as high.

Recently, the Cyble Research Team came identified a leak post in which the Maze ransomware operators claimed to have breached Arabian Industries LLC and in possession of their sensitive data files and documents.

Founded in the year 1991, Arabian Industries LLC is a leading EPC Contracting, Manufacturing and Maintenance Company specialized in design, engineering, project construction, fabrication, painting, and testing & maintenance activities across Oil & Gas, Refineries, Petrochemicals, and Power Industries. Currently, the company is been operating with over 3000 employees.

Below is the leak disclosure post being published by Maze ransomware operators-:

After analysing the leaked files our researchers gathered some of the critical information out of it-:

  • As per now, the ransomware operators seem to have released around 1.8 GB of company’s data leak.
  • Details of company’s multiple ongoing and completed job records of over the past 3 years.
  • Purchase order invoices of the products been purchased by the company.
  • Confidential agreements for the provision of the American Society of Mechanical Engineers (ASME) inspection services.
  • Employment contracts, employees’ pension related documents, employees’ details, power of attorney legal documents, bank related documents of The Oman Construction Company LLC (TOCO) also been leaked.

Cyble has been reporting these data breaches to aware individuals of the risks associated with using online services.

Tips on how to prevent ransomware attacks –

  • Never click on unverified/unidentified links
  • Do not open untrusted email attachments
  • Only download from sites you trust
  • Never use unfamiliar USBs
  • Use security software and keep it updated
  • Backup your data periodically
  • Isolate the infected system from the network
  • Use mail server content scanning and filtering

It is recommended to follow above mentioned prevention methods and never pay the ransom.

About Cyble

Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence. 

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020. 

Leave a Comment

Your email address will not be published.

%d bloggers like this: