Cyberattack hits Oil India HQ, probe on
GUWAHATI: Computers at Oil India Limited’s (OIL) field headquarters in Assam Duliajan were locked out after a ransomware attack, according to a copy of the police case lodged by the state-run refiner, which also said the group behind the cyber attack sought $7.5 million (over ₹57 crore) in Bitcoin to restore access.
Duliajan is the headquarters for OIL, the country’s secondlargest oil and gas company that is run by the government. The scale of the systems affected was not immediately clear but a representative, who confirmed the incident, said systems connected to production and drilling were not affected.
“There has been a cyberattack in which some of our systems and few servers in Duliajan office were affected. As a precautionary measure, we are putting some of our systems down and got into restoration exercise,” said OIL public relations officer Tridiv Hazarika.
Cybersecurity experts have been brought in to help restore the network, the official added.
The problem was noticed on Sunday afternoon when employees who were working noticed some computers began experiencing outages.
The IT support team detected the problem as a malware attack and took affected computers off of the local area network.
“We have employed an international cyber security expert to devise a way to reboot and restore our systems. We are doing it in a phased manner and should be over in next 4-5 days,” Hazarika added.
Ransomware is a form of malware that encrypts all data of a computer with a key that
...it came to notice that OIL’S network, server and clients PCS are facing network outage... it also came to notice that the attacker has demanded 7,500,000 USD POLICE FIR
only the attackers have access to. Such attacks typically are aimed to extort money but when critical infrastructure and industry such as refineries are targeted, there can be broader risks.
Hazarika said a case has been lodged with the local police in Duliajan to look into the attack.
The first information report (FIR) of the case, which HT has seen, mentioned that the malware hit one of workstations of the geology and reservoir (G&R) department.
“After their (IT department’s) preliminary investigation, it came to notice that OIL’S network, server and clients PCS are facing network outage. Further it also came to notice that the cyber attacker has demanded 7,500,000 USD as ransom through a note from the infected PC,” the FIR read.
Dibrugarh district superintendent of police Shwetank Mishra informed that a CID team would reach Duliajan to start investigations of their own.
“Thankfully, there has been no impact on our production and drilling activities,” said Hazarika, while assuring stakeholders and shareholders that all of OIL’S data is secure.