Halliburton, the world’s second-largest oil service company, confirmed that a Cyberattack hit its computer systems. The sudden attack caused ongoing disruptions at its Houston offices.1
The company has brought in experts to help investigate and handle the situation. While the full details of the attack aren’t clear, it looks like a typical Ransomware attack, with sensitive data encrypted and possibly held for a large ransom. The breach has affected Halliburton’s north Houston campus and some global networks.
Halliburton Faces Cyberattack: What Happened?
In a filing with the U.S. Securities and Exchange Commission (SEC), Halliburton also revealed that it discovered the breach on August 21, 2024, when it learned that a third party had accessed certain systems.
“When the Company learned of the issue, the Company activated its Cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity,” the filing states. “The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of materiality.”
In an updated SEC filing, Halliburton said the Cyberattack caused major disruptions and limited access to some IT systems. During the August attack, hackers stole corporate data from their systems.
RansomHub Suspected In Halliburton Cyberattack
By the end of August, reports suggested that the Ransomware group RansomHub was likely behind the attack on Halliburton.
While Halliburton hasn’t officially confirmed it was a Ransomware attack, their description points in that direction. The company has admitted that hackers accessed and stole information from its systems.
Neither RansomHub nor any other Ransomware group has taken responsibility for the attack, which might mean Halliburton paid a ransom to resolve the situation.
Cyberattack Costs Hit $35 Million
Halliburton’s financial report for Q3 2024 shows that the Cyberattack cost the company $35 million. The company has around 48,000 employees across 70+ countries through its subsidiaries and brands.
In the report, Jeff Miller, Halliburton’s CEO, said, “We experienced a $0.02 per share impact to our adjusted earnings from lost or delayed revenue due to the August Cybersecurity event and storms in the Gulf of Mexico. Our full year expectations for free cash flow and cash return to shareholders remain unchanged, and we expect both to accelerate in the fourth quarter.”
Ransomware Targets The Oil & Gas Industry
The oil and gas industry is a prime target for Ransomware attackers, who often use leak sites to pressure companies into paying ransoms. In 2021, Colonial Pipeline revealed they paid $4.4 million to get a decryption key after a Ransomware attack led to gas shortages across parts of the U.S.
Under the CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act), businesses in this sector are required to report cyber incidents, which helps create a clearer picture of the industry’s vulnerabilities.
For your business, it’s necessary to take steps to defend against these threats. Regularly update your software, train employees to recognize phishing scams, back up critical data, and use strong security protocols.
Also, consider partnering with Cybersecurity experts who can help you develop an incident response plan so your business is ready to react quickly and effectively if an attack happens.
FAQ
What Happened In The Halliburton Cyberattack?
In the Halliburton Cyberattack, hackers gained unauthorized access to the company’s systems. Sensitive data was stolen, and some IT systems were temporarily unavailable. While it’s not officially confirmed as a Ransomware attack, it likely involved extortion.
What Steps Is Halliburton Taking In Response To The Cyberattack?
Halliburton has started an internal investigation with external advisors, taken some systems offline as a precaution, and notified law enforcement. They’re restoring affected systems, assessing the impact on data, and keeping customers and stakeholders informed, all while trying to maintain normal business operations despite the disruption.
How Can An Organization Defend From Cyberattacks?
The 2Secure team knows all too well how important it is to set up Ransomware attack simulations and penetration testing to identify vulnerabilities. You should also use strong endpoint protection, and have a backup and recovery plan in place. These measures help prevent attacks and ensure you can get your operations up and running quickly.
Source:
- XBRL Viewer. (2024). Sec.gov. https://www.sec.gov/ix?doc=/Archives/edgar/data/45012/000004501224000049/hal-20240821.htm