Oil Exports Paralyzed: PDVSA Administrative Collapse Traps 11M Barrels After Ransomware Attack

Venezuela’s state-owned oil company PDVSA has reported a cyberattack on its systems, stressing that oil production and refining were unaffected. In practice, however, the disruption has proven far more severe, already forcing a suspension of crude exports. According to sources, the company’s administrative systems remain offline, oil shipments are frozen, and employees have been reduced to manual record-keeping.

The incident unfolded against a backdrop of sharply escalating tensions between Caracas and Washington. The United States has increased its military presence in the southern Caribbean, carried out strikes against vessels it claims are linked to drug trafficking, and President Donald Trump has publicly floated the possibility of a ground operation in Venezuela. Venezuelan authorities are convinced that Washington’s ultimate objective is regime change and control over the world’s largest proven oil reserves. Further inflaming tensions was the recent seizure by the U.S. Coast Guard of a supertanker carrying 1.85 million barrels of Venezuelan heavy crude sold by PDVSA.

Company officials and the Ministry of Petroleum have accused the United States of orchestrating the cyberattack, describing it as the work of “foreign interests in collusion with internal forces” and part of an effort to seize control of Venezuela’s energy sector “through force and piracy.” A source within PDVSA added that the incident involved ransomware discovered several days earlier. An attempt to restore systems using antivirus software reportedly triggered the collapse of the company’s entire administrative infrastructure.

Although PDVSA has publicly claimed it is recovering from the attack, sources say the fallout persists. All export-shipment instructions remain suspended, and some employees have been ordered to disconnect from corporate systems and restrict contractors’ access to company facilities. At the same time, oil production, refining, and supplies to the domestic market continue to operate normally.

The cyber incident has compounded a sharp decline in Venezuelan oil exports following the tanker seizure. More than 11 million barrels are currently stranded aboard vessels in the country’s territorial waters, dealing a particularly heavy blow to Cuba, which is already suffering from daily power outages. Some tankers, including vessels chartered by Chevron, continue to sail under special U.S. authorization, while others have turned back mid-voyage. One tanker carrying naphtha for PDVSA rerouted to Europe, and at least four supertankers have canceled calls at Venezuelan ports.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy