Oil industry giant Halliburton confirms 'issue' following reported cyberattack

Halliburton, one of the world’s largest oilfield service companies, has confirmed an unspecified issue has impacted the corporation’s networks following a reported cyberattack.

As first reported by Reuters, the multinational was hit by the attack on Wednesday, with the incident appearing to impact operations at its headquarters in Houston. It is not clear if operations at the company’s other locations are also affected.

Shares in Halliburton — which employs almost 48,000 people globally and recorded revenues in excess of $23 billion last year — were largely flat Thursday morning on the New York Stock Exchange. .

The company provides services such as identifying oil and gas resources and assisting the owners to manage the extraction process. It had been a major partner to Russia’s Gazprom, Rosneft and Lukoil before the invasion of Ukraine, although these operations were sold in September 2022.

The nature of the cyberattack is unclear. Citing a person familiar with the matter, Reuters reported that some of the corporation’s staff had been instructed not to connect to the company’s internal networks.

Halliburton’s spokesperson told Recorded Future News: “We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact.

“We have activated our preplanned response plan and are working internally, and with leading external experts, to remediate the issue.”

Public companies in the United States are required to disclose material cybersecurity incidents to the country's Securities and Exchange Commission (SEC) within four business days of discovering them. Halliburton has not yet filed an 8-K report.

As one of the most critical industries globally, the petroleum sector has often been targeted by cyberattacks — ranging from the financially motivated criminal ransomware incidents targeting Shell and Colonial Pipeline, through to the potentially destructive state-sponsored Triton attack on an industrial facility in Saudi Arabia.

Unlike the ransomware attack on Colonial Pipeline in May 2021 — which caused panic buying and disrupted fuel distribution across the southeastern United States — it is unlikely that disruption to Halliburton’s operations will impact gas supplies.

The nature of the attack if disclosed may indicate who the perpetrator is. The FBI issued an alert last year to the energy sector warning that supply changes were likely to increase Chinese and Russian cyberattacks targeting the sector, seemingly referencing both criminal and state-sponsored campaigns.