One of the world’s largest oilfield services firms, Halliburton, has confirmed on Friday that a cyberattack has disrupted its operations in the United States. A day earlier, the firm said that “an unauthorized third party gained access to certain of its systems”, raising concerns that its systems have been compromised.
Halliburton revealed the cyberattack in a mandatory SEC filing on Friday. The firm said it learned of the breach on August 21, 2024 and has since “launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity. The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement.”
Without explicitly stating that the incident was a ransomware attack, Halliburton in its SEC Filing said that the “ongoing investigation and response include restoration of its systems and assessment of materiality” and that it was following its “process-based safety standards for ongoing operations under the Halliburton Management System.
While the exact details including nature of cyberattack, name of threat actor, extent of damage, affected parties etc remains unclear, it has caused significant disruptions to the company’s operations. The Halliburton cyberattack has raised concerns about the vulnerability of critical infrastructure to cyber threats.
The cyberattack on Halliburton appears to have impacted business operations at Halliburton’s north Houston campus, as well as some global connectivity networks. A day earlier, a person familiar with the matter told Reuters that the company has asked some staff to refrain from connecting to internal networks.
Halliburton’s Vague Response
On Thursday, Halliburton had acknowledged the incident, stating that it is aware of an issue affecting certain company systems and is working diligently to assess the cause and potential impact.
“We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact,” a Halliburton spokesperson said in an emailed statement to Reuters.
The company also confirmed that it was working with leading external experts to resolve the issue.
“We have activated our pre-planned response plan and are working internally and with leading experts to remediate the issue.”
Despite the tacit confirmation by Halliburton, the official website of the targeted company remains fully functional. This discrepancy has raised doubts about the authenticity of a cyberattack. To ascertain the veracity of the claims, The Cyber Express has reached out to the officials of Halliburton. As of the writing of this news report, no response has been received, leaving the cyberattack claim unverified.
Houston, Texas-based Halliburton is one of the largest oilfield services firms in the world, providing drilling services and equipment to major energy producers around the globe. It had nearly 48,000 employees and operated in more than 70 countries at the end of last year.
Implications of Attack on Halliburton
The impact of the Halliburton cyberattack is likely to be felt throughout the energy industry. The company’s services are used by major oil and gas producers around the world, and any disruption to its operations could have a ripple effect on the global energy market.
In addition to the potential economic consequences, the attack also raises concerns about national security. Halliburton’s services are used by the U.S. military, and a successful cyberattack on the company could have serious implications for national defense.
However, a spokesperson for the U.S. Department of Energy said on Thursday told the press that it was coordinating with inter-agency partners on the attack. The incident had not yet impacted any energy services.
Previous Instances of Cyberattacks on Energy Sector
This is not the first time the energy sector has been targeted by cyberattacks. In 2021, the Colonial Pipeline, a major fuel supply line in the United States, was hit by a ransomware attack that caused a days-long shutdown. The attack led to fuel shortages and price spikes, creating a major political headache for the Biden administration. That breach, which the FBI attributed to a gang called DarkSide, led to a spike in gasoline prices, panic buying and localized fuel shortages.
The attack on Halliburton highlights the growing threat posed by cybercriminals to critical infrastructure. As the world becomes increasingly interconnected, it is becoming increasingly difficult to protect essential services from cyberattacks.
The Need for Enhanced Cybersecurity
Companies in this industry must invest in robust security systems and train their employees to be aware of the latest cyber threats. The government must also play a role in protecting critical infrastructure from cyberattacks. This could include providing financial assistance to companies to help them improve their cybersecurity, as well as developing new regulations to strengthen the security of critical infrastructure.
Note: The article has been updated post the SEC Filing by Halliburton.
