In December 2002, during a general strike in Venezuela, a port facility operated by **PDVSA** (Venezuela’s state-owned oil company) was targeted in a deliberate cyber attack. The attacker, likely an insider (possibly an employee involved in the strike), remotely accessed the **SCADA (Supervisory Control and Data Acquisition) system** controlling the port’s operations. The attacker **erased all PLC (Programmable Logic Controller) programs**, crippling the facility’s ability to load oil tankers. The sabotage lasted **eight hours**, causing Venezuela’s national oil production to plummet from **3 million barrels per day (BPD) to just 300,000 BPD**—a **90% reduction**.The attack directly disrupted Venezuela’s oil-dependent economy, which relied heavily on exports. The temporary shutdown of the port facility contributed to broader economic instability during the strike, exacerbating fuel shortages and financial losses. While no physical damage or loss of life occurred, the **targeted disruption of critical infrastructure**—a key sector for the nation’s revenue—demonstrated the vulnerability of industrial control systems to cyber sabotage. The incident highlighted how cyber attacks on energy infrastructure could be weaponized for **political or economic coercion**, with cascading effects on national production and global oil markets.
TPRM report: https://www.rankiteo.com/company/petroleosdevenezuela
"id": "pet451092125",
"linkid": "petroleosdevenezuela",
"type": "Cyber Attack",
"date": "12/2002",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'oil and gas',
'location': 'Venezuela',
'name': 'Unnamed Venezuela Port Facility (oil '
'production hub)',
'type': 'government-owned/operated port'}],
'attack_vector': ['insider threat (possible)', 'remote access'],
'data_breach': {'data_exfiltration': 'no (data was erased, not stolen)',
'file_types_exposed': ['PLC configuration files'],
'sensitivity_of_data': 'high (critical infrastructure control '
'systems)',
'type_of_data_compromised': ['PLC programs (operational '
'data)']},
'date_detected': '2002-12',
'description': 'In December 2002, during the general strike in Venezuela, a '
"port facility's SCADA system was hacked by someone (possibly "
'an employee involved in the strike). The attacker remotely '
'accessed the system to erase all PLC (Programmable Logic '
'Controller) programs, halting tanker loading operations for '
"eight hours. This caused Venezuela's national oil production "
'to plummet from 3 million barrels per day (BPD) to 300,000 '
'BPD.',
'impact': {'data_compromised': 'PLC programs (erased)',
'downtime': '8 hours (tanker loading operations halted)',
'operational_impact': ['port facility operations disrupted',
'oil production dropped from 3M BPD to 300K '
'BPD'],
'systems_affected': ['SCADA system',
'Programmable Logic Controllers (PLCs)']},
'initial_access_broker': {'entry_point': ['remote access to SCADA system'],
'high_value_targets': ['PLC programs controlling '
'tanker loading']},
'investigation_status': 'historical (limited public details)',
'motivation': ['political (supporting the general strike)',
'economic sabotage (disrupting oil production)'],
'post_incident_analysis': {'root_causes': ['inadequate SCADA security',
'lack of access controls',
'insider threat risk']},
'response': {'recovery_measures': ['resumed tanker loading after 8 hours'],
'remediation_measures': ['restoration of erased PLC programs']},
'threat_actor': ['possibly an employee involved in the general strike',
'unknown external actor (unconfirmed)'],
'title': '2002 Venezuela Port Facility SCADA Hack During General Strike',
'type': ['cyber-physical attack', 'sabotage', 'SCADA compromise'],
'vulnerability_exploited': ['weak SCADA system security',
'unauthorized remote access']}