Petroleos Mexicano (Pemex), a Mexican state oil and gas conglomerate, has been hit with a ransomware attack that crashed its servers, encrypted files and halted some administrative work, the company said.
It’s the latest cyber foray against global commodities giants, an industrial sector likely to draw increased attention from managed security service providers (MSSPs) for the rising number of blows it’s taking from hackers. Previous high value ransom hits have hobbled Norwegian aluminum company Norsk Hydro, zinc smelter Nyrstar, shipping company Maersk, pharmaceutical firm Merck and others.
In the Pemex hijack, the cyber crew has demanded 565 bitcoins, or roughly $5 million, payable before the end of November to unlock the affected systems, according to reports. As of Thursday, November 14, Pemex officials said the cyber attack was “totally under control,” although a number of employees claimed operations were still not up and running as usual, CNBC reported.
Here are 10 things you need to know about the Pemex attack: (via Bloomberg, Reuters)
The hacker used the name “Joseph Atkins” in an email to Bloomberg, claiming the crime group was also behind a July, 2019 phishing attack on truck freight provider Roadrunner Transportation Systems, a Downers Grove, Illinois-based outfit. “They did not pay and recovered themselves, and left us GB’s of their data,” the person reportedly said, in what could be a thinly veiled threat to Pemex.
The attack on Pemex came as the company is wrestling to pay down $106 billion in debt, arrest 15 years of declining oil output and repair downgrades to its credit. In its recently completed Q3 financial report, the company lost $4.4 billion but pared six percent from its debt load for the first decrease in a decade.
