Energy industry contractor says ransomware attack has limited access to IT systems

A major contractor for the energy industry confirmed in a notice to regulators that it is dealing with a ransomware attack that has hindered operations. 

ENGlobal Corporation filed a report to the U.S. Securities and Exchange Commission Monday evening explaining that the ransomware attack was discovered on November 25. 

“The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology system and encrypted some of its data files,” the Oklahoma-based firm said. 

ENGlobal Corporation has restricted employee access to its IT system, limiting it to only essential business operations. The company explained that it has taken several steps to address the issue, including starting an internal investigation and hiring external cybersecurity experts. 

“The timing of restoration of full access to the Company’s IT system remains unclear as of the date of this filing,” ENGlobal Corporation said, adding that it hasn’t been able to determine yet if it would have a material impact on its financial performance.

No ransomware gang has taken credit for the incident as of Monday afternoon. 

ENGlobal Corporation designs and constructs automated control systems used by commercial companies and the federal government. Founded in 1985, the company offers planning and facility design in the energy field in both the U.S. and abroad. The company reported nearly $6 million in revenue last quarter and $18.4 million for the first nine months of the year. 

It says it specializes “in turnkey automation and instrumentation systems for the U.S. Defense industry.” 

Last year, a ransomware attack on building automation giant Johnson Controls alarmed officials at the Department of Homeland Security because of the company’s involvement in producing fire, HVAC and security equipment for buildings. Attacks like those involving ENGlobal Corporation and Johnson Controls may expose sensitive documents, contracts and plans of U.S. government facilities. 

Three weeks ago, another prominent contractor for the energy industry reported a ransomware attack to the SEC and over the weekend, an unnamed ransomware gang attacked the state-owned energy provider for Costa Rica.