Shell oil & gas giant is hacked by ransomware cyber attack.

Oil and gas giant Shell has confirmed that it was the victim of a ransomware cyber attack. In addition, a growing number of businesses, universities and government agencies have been targeted in what is believed to be a global cyberattack which western governments and sources have attributed to Russian cybercriminals.

Shell is one of the victims of the recent large-scale ransomware campaign conducted by the Clop gang exploiting a MOVEit zero-day vulnerability.

While the scope of the attacks are not yet fully known, officials at the US Cybersecurity and Infrastructure Security Agency (CISA) said Thursday that “several federal agencies… have experienced intrusions” and suggested a number of businesses could be impacted as well.

This has the markings of potentially being classified as Geo-Poli-Cyber™ motivated attack despite it being a Financially motivated Ransomware,” said a senior MLi Group Survivability and Security expert and MLI Group will soon publish more details on this matter.

Separately, state agencies said late Thursday that millions of people in Louisiana and Oregon had their data compromised in a security breach. The states did not blame anyone in particular for the hack but federal officials have attributed a broader hacking campaign using the same software vulnerability to a Russian ransomware gang that calls itself Clop.

The company is investigating the security breach and said that at this time the attack had no impact to its core IT systems.

“We are aware of a cyber security incident that has impacted a third-party tool from Progress called MOVEit Transfer, which is used by a small number of Shell employees and customers,” said Shell US spokesperson Anna Arata in a statement. “There is no evidence of impact to Shell’s core IT systems,” Arata added. “Our IT teams are investigating to understand and manage any risks, and take appropriate action, she said.

The Clop ransomware gang claims to have hacked hundreds of companies by exploiting the above issue.

“Nobody knows the full extent of this, and that’s the way these cyber compromises work,” Robert Cattanach, a partner specializing in cybersecurity at the law firm Dorsey & Whitney and a former trial lawyer for the Department of Justice, “Once you’re compromised, there begins an arduous process of ‘how far in did they get in?’ and ‘what did they take?’ That’s typically weeks, and sometimes months.”

More to come. register to stay up to date.

What Are
& Risks?

What Are Geo-Poli-Cyber™ (GPCyber™) Warfare, Risks & Threats?

Geo-Poli-Cyber™ warfare has spread worldwide in recent years and is impacting everyone without exception through cyber attacks that are political, ideological, terrorist, extremist, ‘religious’ and/or geo-politically motivated. They are perpetrated by political and extremist groups, national security agencies and/or their proxies, and lone wolves.

Cyber security strategies and solutions that are followed like gospel have failed and will continue to fail to mitigate, defend and protect national sovereignty and corporate security from Geo-Poli-Cyber™ attacks on unprecedented scales and with devastating political, social, and financial consequences.
More Sinister and Destructive Than Financial Motivations

Geo-Poli-Cyber™ attacks are significantly different from financially motivated cyber-attacks in damage, scale, magnitude and require different and upscaled risk mitigation strategies and solutions.

Why Do Existing Strategies & Solution keep failing?

MLi Group chairman Khaled Fattal created the terms Poli-Cyber™ and Geo-Poli-Cyber™ (GPCyber™) back in 2012 because of seismic game-changing events he had observed years before. Fattal believed that these events and trends will cause …

Click to read more

Survivability News Latest