Critical Infrastructure Security , Fraud Management & Cybercrime , Ransomware

Oil Services Giant Halliburton Disrupted by Hack Attack

Company Reportedly Instructs Staff to Not Connect to Internal IT Systems
Oil Services Giant Halliburton Disrupted by Hack Attack
Oil services giant Halliburton acknowledged an "issue" that could be ransomware. (Image: Shutterstock)

Oil services giant Halliburton is reportedly dealing with an IT disruption tied to a Wednesday hack attack.

See Also: Top 10 Actions During a Ransomware Attack

The company told Reuters, which first reported the disruption, that it's still probing the cause and scope of the outage, working in conjunction with "leading external experts."

Speaking on condition of anonymity, a person with knowledge of the attack told Reuters that the incident appeared to disrupt the company's Houston campus, as well as some global connectivity, and that the company has requested staff not connect to internal IT resources.

A company spokesperson contacted by CNN refused to confirm or deny that Halliburton suffered a cyberattack but did acknowledge an unspecified "issue."

Founded in Oklahoma in 1919, publicly traded Halliburton is one of the world's largest providers of products and services to the energy industry. The company, now Houston-based, reported second-quarter revenue of $5.8 billion and net income of $709 million and said that as of the end of June, it counted 49,000 employees working in more than 70 countries.

Instructing employees not to connect to the corporate network is often a sign that a suspected ransomware infection has taken hold, which threatens to spread crypto-locking malware to all connected systems.

While Halliburton hasn't confirmed if its disruption is ransomware, it wouldn't be the first firm in the energy industry to fall victim. Experts have also warned of a rise in big game hunting attacks by more elite ransomware groups seeking bigger ransom payments by targeting larger victims (see: Ransomware Again on Track to Achieve Record-Breaking Profits).

Although operating at the center of American critical infrastructure, Halliburton - like many critical infrastructure corporations - mostly determines for itself how much cybersecurity to apply in its networks. Industry successfully pushed back against a bipartisan attempt during the Obama administration to regulate critical infrastructure cybersecurity, rejecting it as heavy-handed and arguing that it would have mired cybersecurity practices in government bureaucracy. The voluntary approach that's been the status quo for more than a decade has been criticized by Biden administration officials, who have attempted to use existing regulatory authorities to create new cybersecurity requirements - with mixed success (see: US EPA Nixes Cybersecurity Assessments of Water Systems).

One of the most notable such attacks against the U.S. energy sector involved Colonial Pipeline Co., which on May 7, 2021, was hit by a ransomware-as-a-service operation called DarkSide. While the attack only disrupted the private company's billing operations - rather than operational technology environment - the company opted to shut down its entire pipeline.

In contrast, Halliburton is an upstream oil service firm and doesn't own or run any oil fields or pipelines. Instead, the company provides numerous services, ranging from exploration and drilling to pipeline services and software.

Whether or not any IT disruption affecting Halliburton might lead to pipeline disruptions isn't clear.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.