US based oil giant Halliburton was hit by a cyber attack on Wednesday and is now facing computer system issues as a result.
Business operations have been impacted both in the company's main Houston campus and across its global network.
“We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact,” a Halliburton spokesperson said in a statement. “We have activated our pre-planned response plan and are working internally and with leading experts to remediate the issue,” they confirmed
Halliburton remains vague around the specifics of the nature of the issue as they look into it, however, reports suggest that they asked staff not to connect to internal networks.
Why has Halliburton been targeted?
All industries are seeing an unprecedented rise in cyber attacks this year, from healthcare systems like McLaren Health Care, major players like CDK Car Dealerships being shut down and even all Americans' social security numbers being leaked.
While the exact nature of the attack on Halliburton is yet to be confirmed, attacks on companies of this size are typically ransomware related. This is because taking systems offline and holding them ‘hostage’ is highly financially viable . Large corporations like Halliburton often possess sensitive data, such as intellectual property, financial records, and customer information. This data can be extremely valuable to attackers, who can sell it on the dark web or use it for further malicious activities.
As a major player in the energy industry, Halliburton's operations are considered critical infrastructure. Disrupting these operations can have significant economic and societal impacts, making the company a high-value target for attackers.
Large corporations often have limited leverage in negotiations with ransomware attackers. The attackers may demand significant sums of money, knowing that the victim may be willing to pay to avoid more extensive damage.
Though ransomware is the most likely reasoning behind the current Halliburton issue, it could also be another type of cyberattack such as corporate espionage. However, given the financial incentives and the potential for significant disruption, ransomware remains a primary threat to large corporations like Halliburton.
Ransomware attacks can be devastating. While prevention is always the best approach, understanding how to respond to an attack can minimize damage and potentially recover lost data.
Halliburton confirmed that they are ‘working diligently to assess the cause and potential impact’ and have a ‘pre-planned response’.
Incident response plans typically involve quickly isolating infected systems to prevent the ransomware from spreading to more critical systems. They will use network segmentation to contain the attack and limit its impact.
The team will then look into offsite backups to restore data. If these are not sufficient they may also employ data recovery services. In some cases, companies may choose to negotiate with the attackers under the guidance of cybersecurity experts.
What is Halliburton?
Halliburton is a multinational oilfield services company, which means it plays a crucial role in the exploration, development, and production of oil and gas resources. Halliburton is one of the world's largest providers of products and services to the energy industry.
The company's services include:
- Drilling services: Providing equipment and expertise for drilling oil and gas wells.
- Completion services: Completing wells after they are drilled, including cementing, perforating, and installing downhole equipment.
- Production services: Enhancing the production of oil and gas from existing wells.
- Evaluation services: Analyzing geological data to identify potential oil and gas reserves.
Halliburton’s head office is located in Houston, Texas, boasting over 48,000 employees. The company operates in over 70 countries, serving clients in both mature and emerging markets.