USNational Security

Cyberattack at Halliburton Forces Energy Company to Take Systems Offline

The breach happened amid worries about growing cyber threats to U.S. critical infrastructure.
Save
Cyberattack at Halliburton Forces Energy Company to Take Systems Offline
The company logo of Halliburton oilfield services corporate offices in Houston on April 6, 2012. Richard Carson/Reuters
Naveen Athrappully
Updated:
0:00

Halliburton, a key player in the oil and gas sector, has confirmed that it suffered a cyberattack and is currently focused on restoring the affected systems.

“On August 21, 2024, Halliburton Company became aware that an unauthorized third party gained access to certain of its systems,” the company said in an Aug. 21 filing with the U.S. Securities and Exchange Commission (SEC).

After learning about the issue, Halliburton, with headquarters in Houston and Dubai, “activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity,” it said.

“The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement,” it stated.

Halliburton said it was working to restore systems. It is unclear whether there were any negative impacts on the company following the breach. Information about the nature of the attack or the identity of the attackers has not been revealed.

The company’s shares have not been impacted since the SEC filing, ending Aug. 20 at $31.08. It was trading at $31.52 as of 10:10 a.m. EDT on Friday.
Related Stories
Privacy Commissioner Launches Investigation Into Ticketmaster Canada Cybersecurity Breach
7/31/2024
Privacy Commissioner Launches Investigation Into Ticketmaster Canada Cybersecurity Breach
Increasing Cybersecurity Breaches Result in Higher Consumer Prices, IBM Report Reveals
7/30/2024
Increasing Cybersecurity Breaches Result in Higher Consumer Prices, IBM Report Reveals
Halliburton is one of the leading providers of products and services in the oil and gas industry, operating in more than 70 countries and employing more than 40,000 people.

The attack comes amid concerns about increasing cyber threats targeting U.S. energy companies.

Back in 2021, the Colonial Pipeline was hacked by cyber criminals, which led to the 550-mile-long network of pipelines shutting down for many days. This triggered concerns about fuel shortages and panic-buying in some states along the East Coast.

The company revealed it paid $4.4 million in ransom to attackers.

At the time, agencies including the FBI had argued against paying the ransom, warning that such actions would only embolden cybercriminals to launch similar attacks. The U.S. Department of Justice said it later recouped most of the bitcoins paid by Colonial as ransom.

Protecting Critical Infrastructure

In February, FBI Director Christopher Wray warned during a speech that U.S. critical infrastructure was facing “massive” cyber threats from the Chinese Communist Party.

“In fact, China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011,” he said.

“But these days, it’s reached something closer to a fever pitch. What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right.”

Last month, the FBI warned that the country’s renewable infrastructure was at risk of cyber attack, with hackers seeking intellectual property or aiming to disrupt operations.

The FBI highlighted a case from 2019 in which a firm lost its ability to monitor around 500 megawatts of wind and solar sites in multiple states due to an attack that exploited an unpatched firewall.

“While it was unclear if this specific incident was a deliberate cyberattack targeting this specific company, the incident highlighted the risks posed by a security posture that relies on outdated software,” the agency said.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), around 48 percent of the country’s electricity is produced through combusting coal that is primarily transported by rail, 20 percent via nuclear power, and 22 percent via natural gas.

Since almost all industries are heavily reliant on electricity, business sectors across the country depend on the energy sector, which makes protecting the industry crucial.

“The energy sector is well aware of its vulnerabilities and is leading a significant voluntary effort to increase its planning and preparedness. Cooperation through industry groups has resulted in substantial information sharing of best practices across the sector,” CISA said.

Many owners and operators in the sector “have more recently focused their attention on cybersecurity,” the agency added.

In 2023, the White House issued the National Cybersecurity Strategy, which specifically highlighted the need for better cybersecurity policies for electricity distribution infrastructure and distributed energy resources.
Naveen Athrappully
Naveen Athrappully
Author
Naveen Athrappully is a news reporter covering business and world events at The Epoch Times.