沙特阿美认为网络攻击是该公司面临的最大风险之一

据油价网2022年9月13日报道，全球最大石油公司沙特阿拉伯国家石油公司（沙特阿美）总裁兼首席执行官阿明·纳赛尔周二表示，网络攻击是该公司目前面临的最大风险之一。

纳赛尔在利雅得举行的2022年全球人工智能峰会上表示：“网络攻击是我们沙特阿美面临的最大风险之一，它与自然灾害或实体攻击一样。”

纳赛尔补充说，“但尽管这些攻击在规模和严重性上都在增长，人工智能正在帮助我们抵御一些威胁。因此，我们的努力不应只专注于提高效率或深入了解客户，还应关注安全和弹性。”

近几年来，沙特阿美自身也遭受了数次网络攻击，其中最臭名昭著的是2012年的Shamoon恶意软件，该软件摧毁了这家沙特石油巨头的所有电脑。网络安全专家警告称，2018年，Shamoon恶意软件的一个变种重新出现。 

去年，沙特阿美在一起数据泄露事件中成为目标，并被索要5000万美元的加密货币赎金。去年7月，这家世界上最大的石油公司告诉美联社，沙特阿美最近意识到“第三方承包商间接泄露了有限数量的公司数据。一周前，BleepingComputer报道称，沙特阿美公司遭遇数据泄露，网络攻击者窃取了该公司1万亿字节的专有数据，并在暗网上出售。” 

不仅仅是沙特阿美将网络攻击列为最大风险之一。 

根据网络风险评级和监测公司BreakchBits今年8月的一项研究，大多数美国油气公司都面临网络攻击的风险。该研究将59%的公司在网络攻击方面处于中等风险，13%处于低等风险，28%处于极低风险。 

BreachBits首席执行官兼联合创始人约翰·朗格伦上个月表示：“11%的公司存在潜在的严重、高风险威胁。我们大规模地识别和监控网络风险，发现问题，然后测试它们，就像黑客为客户做的那样。”

李峻 编译自 油价网

原文如下： 

Cyberattacks Are A Major Risk For The World’s Largest Oil Company

Cyberattacks are among the greatest risks Saudi Aramco faces these days, Amin Nasser, president and chief executive officer at the world’s biggest oil firm, said on Tuesday.

“Cyberattacks are one of the top risks we face at Aramco – on a par with natural disasters or physical attacks,” Nasser told the Global AI Summit 2022 in Riyadh.

“But while these attacks are growing in scale and severity, AI is helping fend off some of the threat. So our efforts should not only focus on greater efficiency or deeper customer insights, but also on security and resilience,” Saudi Aramco’s top executive added.  

Aramco itself has been subject to several cyber attacks in recent years, the most notorious being the 2012 Shamoon malware that wiped out every computer at the Saudi oil firm. In 2018, a variant of the Shamoon malware resurfaced, cybersecurity experts warned at the time.

Last year, Aramco was targeted in a data leak that was the subject of a ransom demand of $50 million in cryptocurrency. In July last year, the world’s largest oil firm told The Associated Press that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.” A week earlier, BleepingComputer reported that Saudi Aramco had suffered a data breach in which cyber attackers had stolen 1 terabyte of proprietary data of Saudi Arabia’s oil giant and are selling it on the dark web.

It’s not only Saudi Aramco that has identified cyber threats as one of the top risks.

According to an August 2022 study by cyber risk rating and monitoring company BreachBits, most U.S. oil and gas firms are exposed to the risks of a cyber breach. The study ranked 59% of companies at Medium Risk for a cyber breach, 13% at Low Risk, and 28% at Very Low Risk.

“11% of the companies presented potentially serious, High-Risk threats. We identify and monitor cyber risks at scale as we did here, detect issues and then test them just as a hacker would for our customers,” BreachBits CEO and Co-Founder John Lundgren said last month.