The US oilfield services firm Halliburton reported on 21 August 2024 that it was hit by a cyber-attack. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. A spokesperson said in an emailed statement that the company was also working with "leading external experts" to fix the issue.
The attack appeared to impact business operations at the company's north Houston campus and some global connectivity networks, the person said, who declined to be identified because they were not authorized to speak on the record. The mystery person reported that the company had asked some staff not to connect to internal networks. Houston, Texas-based Halliburton is one of the largest oilfield services firms in the world, providing drilling services and equipment to major energy producers around the globe. It had nearly 48,000 employees and operated in more than 70 countries at the end of last year.[1]
Cyber-attacks have been a major headache for the energy industry. In 2021, hackers attacked the Colonial Pipeline with ransomware, causing a days-long shutdown to the significant fuel supply line. That breach, which the FBI attributed to a gang called DarkSide, led to a spike in gasoline prices, panic buying, and localized fuel shortages.
Several major US companies have suffered ransomware attacks in recent years, including UnitedHealth Group gambling giants MGM Resorts International Caesars Entertainment CZR.O and consumer goods maker Clorox.
While it is unclear what exactly is happening at Halliburton, ransom software works by encrypting victims' data. Typically, hackers will offer the victim a key in return for cryptocurrency payments that can run into hundreds of thousands or even millions of dollars. Hackers sometimes threaten to leak confidential data to pile on the pressure if the victim resists.
The ransomware group DarkSide, suspected by US authorities of the Colonial Pipeline attack, stated it wanted to make money. Colonial Pipeline's CEO said his company paid a $4.4 million ransom as executives were unsure how badly its systems were breached or how long it would take to restore the pipeline.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://www.reuters.com/technology/cybersecurity/top-us-oilfield-firm-halliburton-hit-by-cyberattack-2024-08-21/
Comments