Fraud Management & Cybercrime , Ransomware
Oil Services Giant Halliburton Disrupted by Hack Attack
Company Reportedly Instructs Staff to Not Connect to Internal IT SystemsOil services giant Halliburton is reportedly dealing with an IT disruption tied to a Wednesday hack attack.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
The company told Reuters, which first reported the disruption, that it's still probing the cause and scope of the outage, working in conjunction with "leading external experts."
Speaking on condition of anonymity, a person with knowledge of the attack told Reuters that the incident appeared to disrupt the company's Houston campus, as well as some global connectivity, and that the company has requested staff not connect to internal IT resources.
A company spokesperson contacted by CNN refused to confirm or deny that Halliburton suffered a cyberattack but did acknowledge an unspecified "issue."
Founded in Oklahoma in 1919, publicly traded Halliburton is one of the world's largest providers of products and services to the energy industry. The company, now Houston-based, reported second-quarter revenue of $5.8 billion and net income of $709 million and said that as of the end of June, it counted 49,000 employees working in more than 70 countries.
Instructing employees not to connect to the corporate network is often a sign that a suspected ransomware infection has taken hold, which threatens to spread crypto-locking malware to all connected systems.
While Halliburton hasn't confirmed if its disruption is ransomware, it wouldn't be the first firm in the energy industry to fall victim. Experts have also warned of a rise in big game hunting attacks by more elite ransomware groups seeking bigger ransom payments by targeting larger victims (see: Ransomware Again on Track to Achieve Record-Breaking Profits).
Although operating at the center of American critical infrastructure, Halliburton - like many critical infrastructure corporations - mostly determines for itself how much cybersecurity to apply in its networks. Industry successfully pushed back against a bipartisan attempt during the Obama administration to regulate critical infrastructure cybersecurity, rejecting it as heavy-handed and arguing that it would have mired cybersecurity practices in government bureaucracy. The voluntary approach that's been the status quo for more than a decade has been criticized by Biden administration officials, who have attempted to use existing regulatory authorities to create new cybersecurity requirements - with mixed success (see: US EPA Nixes Cybersecurity Assessments of Water Systems).
One of the most notable such attacks against the U.S. energy sector involved Colonial Pipeline Co., which on May 7, 2021, was hit by a ransomware-as-a-service operation called DarkSide. While the attack only disrupted the private company's billing operations - rather than operational technology environment - the company opted to shut down its entire pipeline.
In contrast, Halliburton is an upstream oil service firm and doesn't own or run any oil fields or pipelines. Instead, the company provides numerous services, ranging from exploration and drilling to pipeline services and software.
Whether or not any IT disruption affecting Halliburton might lead to pipeline disruptions isn't clear.