The registered headquarters of state-run Oil India Limited (OIL) at Duliajan in Assam’s Dibrugarh district is facing its “biggest cyberattack in recent years”.
“It is a virus, it is a fairly severe and strong virus. It has impacted some of our servers — restoration will take some time. We are also taking the help of external experts,” OIL spokesperson Tridiv Hazarika told ThePrint, adding that there had been no data breach so far. “This is the biggest attack that we have faced in recent years.”
Dibrugarh Superintendent of Police (SP) Shwetank Mishra said hackers had asked for a ransom of 196 Bitcoins — which comes up to approximately Rs 60 crore.
Asked if any data had been compromised, he added: “Details are being worked out, as of now it is just known that a ransomware attack has been carried out.”
An FIR has been filed at the Duliajan Police Station under various sections of the Information Technology Act and Section 385 of the Indian Penal Code, which deals with extortion.
Police are still investigating the source of the attack.
‘No data breach, huge financial loss’
OIL’s complaint to the police said that the cyberattack took place on 10 April on “one of the work stations of the G&R (Geology and Reservoir department) departments”.
“After their preliminary investigation, it came to their notice that OIL’s network, server, and clients PCs are facing network outage,” OIL’s complaint, which ThePrint has accessed, reads. “Further, it also came to their notice that, the cyber attacker has demanded 7500000 USD (roughly Rs 57 crore) as a ransom through a note from the infected PC.”
However, OIL spokesperson Hazarika played down the ransom demand.
“These are standard tactics of hackers who use ransomware to intimidate the target entities,” he said.
The virus infected a few computers, which were subsequently removed from the LAN connection, Hazarika said.
According to the spokesperson, there has been no data breach so far.
“Our operations, the key elements of our day-to-day activities — drilling, and production operations have not been impacted at all… The ERP platform, which we use for our business transactions, is also up and running,” he said. “We are just taking some time to activate all the desktops, which, as a precautionary measure, we had removed from our systems”.
The company said in its complaint that the public sector undertaking had “incurred a huge financial loss” because their business transactions have been affected but it does not quantify the loss.