conti attacks OCA Global

Incident Date:

March 21, 2022

World map



conti attacks OCA Global


OCA Global




Al Khobar, Saudi Arabia

Al Khobar, Saudi Arabia

First Reported

March 21, 2022

OCA Global Suffers Ransomware Attack

OCA Global, a leading company in the Testing, Inspection, and Certification (TIC) business in Saudi Arabia, has been targeted by the ransomware group Conti. The attack was announced on the group's dark web leak site, and the victim's website is OCA Global operates in the Energy, Utilities & Waste sector, providing services to clients in the region with a broad portfolio of services that allows them to provide national coverage, addressing the needs of the Oil & Gas, Energy, Industrial, and Mining sectors.

Company Overview

OCA Global is a significant player in the TIC industry, offering a range of services to clients in Saudi Arabia and beyond its borders. The company's website highlights its expertise in the Oil & Gas, Energy, Industrial, and Mining sectors, indicating a strong presence in the energy sector.

Vulnerabilities and Targeting

Ransomware attacks on critical infrastructure firms, such as those in the energy sector, have been on the rise. Cybercriminals target these firms due to the high-value data assets involved, which can command more lucrative ransom payments. The energy sector is particularly vulnerable due to the complexities in converging IT and operational systems, as well as historic geopolitical fragmentation.

Impact and Response

The Conti ransomware group's attack on OCA Global is part of a broader trend of ransomware attacks targeting the energy sector, with nuclear facilities and related research entities being major targets. The impact of such attacks can be devastating, with potential implications for geopolitical relations, capital markets, public safety, and national security.

Mitigation Strategies

While the article does not provide specific mitigation strategies for OCA Global or similar companies, it is essential for organizations in the energy sector to implement robust cybersecurity measures to protect against ransomware attacks. This includes regular security assessments, employee training, and the use of advanced threat detection and response tools.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.