據油價網2022年9月13日報道，全球最大石油公司沙特阿拉伯國家石油公司（沙特阿美）總裁兼首席執行官阿明·納賽爾周二表示，網絡攻擊是該公司目前面臨的最大風險之一。

納賽爾在利雅得舉行的2022年全球人工智能峰會上表示：“網絡攻擊是我們沙特阿美面臨的最大風險之一，它與自然災害或實體攻擊一樣。”

納賽爾補充說，“但盡管這些攻擊在規模和嚴重性上都在增長，人工智能正在幫助我們抵御一些威脅。因此，我們的努力不應只專注于提高效率或深入了解客戶，還應關注安全和彈性。”

近幾年來，沙特阿美自身也遭受了數次網絡攻擊，其中最臭名昭著的是2012年的Shamoon惡意軟件，該軟件摧毀了這家沙特石油巨頭的所有電腦。網絡安全專家警告稱，2018年，Shamoon惡意軟件的一個變種重新出現。 

去年，沙特阿美在一起數據泄露事件中成為目標，并被索要5000萬美元的加密貨幣贖金。去年7月，這家世界上最大的石油公司告訴美聯社，沙特阿美最近意識到“第三方承包商間接泄露了有限數量的公司數據。一周前，BleepingComputer報道稱，沙特阿美公司遭遇數據泄露，網絡攻擊者竊取了該公司1萬億字節的專有數據，并在暗網上出售。” 

不僅僅是沙特阿美將網絡攻擊列為最大風險之一。 

根據網絡風險評級和監測公司BreakchBits今年8月的一項研究，大多數美國油氣公司都面臨網絡攻擊的風險。該研究將59%的公司在網絡攻擊方面處于中等風險，13%處于低等風險，28%處于極低風險。 

BreachBits首席執行官兼聯合創始人約翰·朗格倫上個月表示：“11%的公司存在潛在的嚴重、高風險威脅。我們大規模地識別和監控網絡風險，發現問題，然后測試它們，就像黑客為客戶做的那樣。”

李峻 編譯自 油價網

原文如下： 

Cyberattacks Are A Major Risk For The World’s Largest Oil Company

Cyberattacks are among the greatest risks Saudi Aramco faces these days, Amin Nasser, president and chief executive officer at the world’s biggest oil firm, said on Tuesday.

“Cyberattacks are one of the top risks we face at Aramco – on a par with natural disasters or physical attacks,” Nasser told the Global AI Summit 2022 in Riyadh.

“But while these attacks are growing in scale and severity, AI is helping fend off some of the threat. So our efforts should not only focus on greater efficiency or deeper customer insights, but also on security and resilience,” Saudi Aramco’s top executive added.  

Aramco itself has been subject to several cyber attacks in recent years, the most notorious being the 2012 Shamoon malware that wiped out every computer at the Saudi oil firm. In 2018, a variant of the Shamoon malware resurfaced, cybersecurity experts warned at the time.

Last year, Aramco was targeted in a data leak that was the subject of a ransom demand of $50 million in cryptocurrency. In July last year, the world’s largest oil firm told The Associated Press that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.” A week earlier, BleepingComputer reported that Saudi Aramco had suffered a data breach in which cyber attackers had stolen 1 terabyte of proprietary data of Saudi Arabia’s oil giant and are selling it on the dark web.

It’s not only Saudi Aramco that has identified cyber threats as one of the top risks.

According to an August 2022 study by cyber risk rating and monitoring company BreachBits, most U.S. oil and gas firms are exposed to the risks of a cyber breach. The study ranked 59% of companies at Medium Risk for a cyber breach, 13% at Low Risk, and 28% at Very Low Risk.

“11% of the companies presented potentially serious, High-Risk threats. We identify and monitor cyber risks at scale as we did here, detect issues and then test them just as a hacker would for our customers,” BreachBits CEO and Co-Founder John Lundgren said last month.