Halliburton has confirmed that information was stolen within the Aug. 21 cyberattack on its networks.
The power companies firm — which has a worldwide presence in oil fields and runs a number of the world’s largest fracking operations — mentioned in an 8K submitting with the Securities and Alternate Fee at this time that “the corporate believes the unauthorized third celebration accessed and exfiltrated info from the corporate’s programs.”
Halliburton had beforehand disclosed that the assault (unattributed, for now) induced it to take some programs offline. The cyber offensive “restricted entry to “parts of the corporate’s enterprise purposes supporting facets of the corporate’s operations and company capabilities,” based on the most up-to-date submitting.
For now, different particulars are beneath wraps, however the oil-and-gas behemoth mentioned that the total results of the incident are nonetheless unknown. It talked about that it was restoring programs and “following process-based security requirements for ongoing operations,” presumably referring to bodily operations within the subject. It additionally mentioned that it does not anticipate the cyberattack to have a materials impact on its funds.
The corporate didn’t instantly return a request for remark from Darkish Studying.
Takeaways for Oil & Fuel and Past
Marcus Fowler, CEO of Darktrace Federal, says that whereas the extent of the Halliburton assault is unknown, the truth that it was focused in any respect must be a warning to different important infrastructure suppliers to realize visibility into potential weaknesses inside their networks and shore up defenses.
“[This sector is] more and more pursuing IT and operational know-how (OT) convergence as the information assortment and evaluation advantages can dramatically enhance manufacturing effectivity, upkeep, and scaling,” he notes. “Nevertheless, as OT safety struggles between legacy programs and the increasing wave of IT and OT interconnectivity inside their environments, the danger of cyber-physical assaults continues to develop.”
Particularly since, “with IT/OT convergence increasing assault surfaces, safety personnel have elevated workloads that make it troublesome to maintain tempo with threats and vulnerabilities,” he provides.
Thus, utilities and different important infrastructure organizations ought to take speedy steps to stop this type of unauthorized distant entry to IT and OT networks, and implement fundamental instruments like microsegmentation controls inside networks to restrict lateral motion.
“The latter is much more pressing because the adversaries might have already planted backdoors by utilizing undetected zero-day exploits,” explains Venky Raju, subject CTO at ColorTokens. “Nation-state actors have already demonstrated their skill to penetrate and assault important infrastructure programs within the US. To date, it has been restricted to small utilities just like the water provide system in Muleshoe, Texas, and many others. We’ll quickly know if the Halliburton assault is an escalation by one among these teams, or an assault on their IT networks by a distinct actor.”