aramco
Company Details
Linkedin ID:
aramco
Website:
Employees number:
167,145
Number of followers:
7,348,916
NAICS:
211
Industry Type:
Homepage:
aramco.com
IP Addresses:
0
Company ID:
ARA_8392859
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
aramco Vendor Cyber Rating & Cyber Score
aramco.comWe’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemicals companies. And we are part of the global effort toward building a low carbon economy. Our horizon has never been clearer.
aramco A.I CyberSecurity Scoring
aramco Risk Score (AI oriented)Between 800 and 849
aramco
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
aramco Global Score (TPRM)XXXX
aramco
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
aramco Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
aramco
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Saudi Aramco fell prey to a ransomware attack in July 2021 that slightly disrupted its operations. The attackers gained the access to its systems and stole some of the company's files. Apparently, hackers had about 1 terabyte of Saudi Arabian Oil Co. data and demanded a ransom of about $50 million in cryptocurrency to delete it.
Saudi Aramco
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In August 2017, the Petro Rabigh complex, part-operated by Saudi Aramco, experienced a significant cybersecurity incident involving the Triton malware. This malware targeted Schneider Electric safety equipment within the facility, leading to the shutdown of part of the complex. The attack was distinguished by its sophistication, targeting the safety systems designed to prevent catastrophic industrial accidents. The Triton malware attack not only signaled a new chapter in cyber warfare aimed at industrial control systems but also demonstrated the potential for causing physical damage and even loss of life. The attack was later attributed with high confidence to a state-backed actor, showcasing the evolving landscape of cyber threats to critical infrastructure around the globe. The incident underscored the necessity for heightened cybersecurity measures and resilience against sophisticated cyberespionage tools targeting industrial safety and control systems.
aramco Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for aramco
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for aramco in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for aramco in 2026.
Incident Types aramco vs Oil and Gas Industry Avg (This Year)
No incidents recorded for aramco in 2026.
Incident History — aramco (X = Date, Y = Severity)
aramco cyber incidents detection timeline including parent company and subsidiaries
aramco Company Subsidiaries
We’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemicals companies. And we are part of the global effort toward building a low carbon economy. Our horizon has never been clearer.
Loading...
aramco Similar Companies
TotalEnergies
Have you ever thought of offering your skills and expertise to a multinational company? Give your best to better energy and make the commitment with TotalEnergies. With over 500-plus professions in 130 countries, we offer high safety and environmental standards, strong ethical values, an innovatio
Ecopetrol
Ecopetrol (NYSE: EC) es la compañía más grande en Colombia y uno de los principales grupos de energía de Latinoamérica. Cuenta con más de 18.000 empleados y es responsable del 60% de la producción de hidrocarburos en Colombia. Es propietaria de las dos refinerías del Colombia y de la gran parte de l
We are one of the world's leading energy producers, and a primary catalyst for Abu Dhabi’s growth and diversification. We operate across the entire hydrocarbon value chain, through a network of fully-integrated businesses, with interests that range from exploration, production, storage, refining a
CB&I is the world’s leading designer and builder of storage facilities, tanks, and terminals. With more than 60,000 structures completed throughout its 135+ year history, CB&I has the global expertise and strategically located operations to provide its customers world-class storage solutions for eve
Somos el mayor productor de Oil & Gas de la Argentina, con sólidos resultados y capacidad para llevar adelante los proyectos que convertirán al país en un exportador de energía a nivel mundial. Nuestro objetivo es convertirnos en una empresa no convencional de clase mundial y que Argentina pueda ex
Marathon Petroleum Corporation (MPC) is a leading, integrated, downstream and midstream energy company headquartered in Findlay, Ohio. The company operates the nation's largest refining system. MPC's marketing system includes branded locations across the United States, including Marathon brand retai
Aker Solutions delivers integrated solutions, products and services to the global energy industry. We enable low-carbon oil and gas production and develop renewable solutions to meet future energy needs. By combining innovative digital solutions and predictable project execution we accelerate the tr
McDermott International, Ltd
McDermott is a premier provider of engineering and construction solutions to the energy industry. Our customers trust our technology-driven approach—engineered to responsibly harness and transform global energy resources into the products the world needs for now and what’s next. From concept to co
At Enbridge, our goal is to be the first-choice energy delivery company in North America and beyond—for customers, communities, investors, regulators and policymakers, and employees. We also recognize the importance of a secure, reliable and affordable supply of energy, which we deliver every day th
.png)
aramco CyberSecurity News
March 04, 2026 05:36 AM
Handala Hack Claims Aramco Ransomware Breach: The Facts So Far
Handala Hack claims a ransomware breach at Aramco. However, leaked evidence currently points only to exposed 2016 engineering documents.
February 27, 2026 11:35 PM
Aramco Security 2026: Advanced Saudi Aramco Security
Explore how advanced security, integrated systems, and robust safeguards protect critical energy infrastructure from evolving threats in 2025—read more.
February 17, 2026 08:00 AM
CrowdStrike Partnerships With NordVPN And Saudi Aramco Reshape Growth Story
CrowdStrike Holdings (NasdaqGS:CRWD) has been selected by NordVPN to power its Threat Protection Pro feature with enterprise-grade threat...
February 13, 2026 01:33 AM
Saudi Aramco Signs MoU with Microsoft to Advance AI in Industrial Sector and Transform Digital Capabilities
Dhahran, February 13, 2026, SPA -- Saudi Aramco and Microsoft signed a non-binding memorandum of understanding (MoU) to explore a range of digital...
February 10, 2026 08:00 AM
CrowdStrike (CRWD) Draws Analyst Support After Saudi Aramco Collaboration
CrowdStrike Holdings, Inc. (NASDAQ:CRWD) is one of the 10 AI Stocks Analysts Are Watching. On February 9, Cantor Fitzgerald analyst Jonathan...
February 10, 2026 08:00 AM
CrowdStrike Aramco Saudi Cybersecurity Push And What It Means For Valuation
CrowdStrike Aramco Saudi Cybersecurity Push And What It Means For Valuation ... Find your next quality investment with Simply Wall St's easy and...
February 07, 2026 08:00 AM
Could CrowdStrike’s (CRWD) Aramco Pact Redefine Its Role In National‑Scale Cybersecurity Architectures?
Could CrowdStrike's (CRWD) Aramco Pact Redefine Its Role In National‑Scale Cybersecurity Architectures? ... Explore 22 top quantum computing...
February 07, 2026 08:00 AM
CrowdStrike stock jumps nearly 5% after Aramco pact — what investors watch next
CrowdStrike shares jumped 4.8% to $395.50 after the company announced a non-binding memorandum of understanding with Saudi Aramco.
February 06, 2026 08:00 AM
CrowdStrike Stock Up on Saudi Arabia Cybersecurity Partnership with Aramco - News and Statistics
CrowdStrike Jumps 3% on Saudi Aramco Cybersecurity Deal. Shares of cybersecurity platform provider CrowdStrike (NASDAQ:CRWD) jumped 3% in...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
aramco CyberSecurity History Information
Official Website of aramco
The official website of aramco is https://www.aramco.com.
aramco’s AI-Generated Cybersecurity Score
According to Rankiteo, aramco’s AI-generated cybersecurity score is 820, reflecting their Good security posture.
How many security badges does aramco’ have ?
According to Rankiteo, aramco currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has aramco been affected by any supply chain cyber incidents ?
According to Rankiteo, aramco has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does aramco have SOC 2 Type 1 certification ?
According to Rankiteo, aramco is not certified under SOC 2 Type 1.
Does aramco have SOC 2 Type 2 certification ?
According to Rankiteo, aramco does not hold a SOC 2 Type 2 certification.
Does aramco comply with GDPR ?
According to Rankiteo, aramco is not listed as GDPR compliant.
Does aramco have PCI DSS certification ?
According to Rankiteo, aramco does not currently maintain PCI DSS compliance.
Does aramco comply with HIPAA ?
According to Rankiteo, aramco is not compliant with HIPAA regulations.
Does aramco have ISO 27001 certification ?
According to Rankiteo,aramco is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of aramco
aramco operates primarily in the Oil and Gas industry.
Number of Employees at aramco
aramco employs approximately 167,145 people worldwide.
Subsidiaries Owned by aramco
aramco presently has no subsidiaries across any sectors.
aramco’s LinkedIn Followers
aramco’s official LinkedIn profile has approximately 7,348,916 followers.
NAICS Classification of aramco
aramco is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
aramco’s Presence on Crunchbase
No, aramco does not have a profile on Crunchbase.
aramco’s Presence on LinkedIn
Yes, aramco maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/aramco.
Cybersecurity Incidents Involving aramco
As of April 04, 2026, Rankiteo reports that aramco has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
aramco has an estimated 10,824 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at aramco ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Saudi Aramco Ransomware Attack
Description: Saudi Aramco fell prey to a ransomware attack in July 2021 that slightly disrupted its operations. The attackers gained access to its systems and stole some of the company's files. Hackers had about 1 terabyte of Saudi Arabian Oil Co. data and demanded a ransom of about $50 million in cryptocurrency to delete it.
Date Detected: July 2021
Type: Ransomware
Motivation: Financial Gain
Title: Triton Malware Attack on Petro Rabigh Complex
Description: In August 2017, the Petro Rabigh complex, part-operated by Saudi Aramco, experienced a significant cybersecurity incident involving the Triton malware. This malware targeted Schneider Electric safety equipment within the facility, leading to the shutdown of part of the complex. The attack was distinguished by its sophistication, targeting the safety systems designed to prevent catastrophic industrial accidents. The Triton malware attack not only signaled a new chapter in cyber warfare aimed at industrial control systems but also demonstrated the potential for causing physical damage and even loss of life. The attack was later attributed with high confidence to a state-backed actor, showcasing the evolving landscape of cyber threats to critical infrastructure around the globe. The incident underscored the necessity for heightened cybersecurity measures and resilience against sophisticated cyberespionage tools targeting industrial safety and control systems.
Date Detected: August 2017
Type: Cyberattack
Attack Vector: Malware
Vulnerability Exploited: Schneider Electric safety equipment
Threat Actor: State-backed actor
Motivation: Cyber warfare, industrial espionage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware ARA182216322
Data Compromised: 1 terabyte of company data
Operational Impact: Slight disruption
Incident : Cyberattack SAU507050724
Systems Affected: Schneider Electric safety equipment
Downtime: Partial shutdown of the complex
Operational Impact: Significant
Brand Reputation Impact: High
Which entities were affected by each incident ?
Incident : Ransomware ARA182216322
Entity Name: Saudi Aramco
Entity Type: Company
Industry: Oil and Gas
Location: Saudi Arabia
Incident : Cyberattack SAU507050724
Entity Name: Petro Rabigh
Entity Type: Industrial Complex
Industry: Oil and Gas
Location: Saudi Arabia
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware ARA182216322
Ransomware Information
Was ransomware involved in any of the incidents ?
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Cyberattack SAU507050724
Lessons Learned: Necessity for heightened cybersecurity measures and resilience against sophisticated cyberespionage tools targeting industrial safety and control systems.
What recommendations were made to prevent future incidents ?
Incident : Cyberattack SAU507050724
Recommendations: Heightened cybersecurity measures and resilience against sophisticated cyberespionage tools.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Necessity for heightened cybersecurity measures and resilience against sophisticated cyberespionage tools targeting industrial safety and control systems.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Heightened cybersecurity measures and resilience against sophisticated cyberespionage tools..
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Cyberattack SAU507050724
Root Causes: Vulnerabilities in Schneider Electric safety equipment
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was $50 million.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an State-backed actor.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were 1 terabyte of company data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Schneider Electric safety equipment.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was 1 terabyte of company data.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was $50 million.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Necessity for heightened cybersecurity measures and resilience against sophisticated cyberespionage tools targeting industrial safety and control systems.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Heightened cybersecurity measures and resilience against sophisticated cyberespionage tools..
.png)
Latest Global CVEs (Not Company-Specific)
Description
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=aramco' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
