Top US oilfield firm Halliburton hit by cyberattack, source says

By Liz Hampton

HOUSTON (Reuters) - U.S. oilfield services firm Halliburton on Wednesday was hit by a cyberattack, according to a person familiar with the matter.

Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with "leading external experts" to fix the issue, a spokesperson said in an emailed statement.

The attack appeared to impact business operations at the company's north Houston campus, as well as some global connectivity networks, the person said, who declined to be identified because they were not authorized to speak on the record.

The company has asked some staff not to connect to internal networks, the person said.

Houston, Texas-based Halliburton is one of the largest oilfield services firms in the world, providing drilling services and equipment to major energy producers around the globe. It had nearly 48,000 employees and operated in more than 70 countries at the end of last year.

Cyberattacks have been a major headache for the energy industry. In 2021, hackers attacked the Colonial Pipeline with ransomware, causing a days-long shutdown to the major fuel supply line.

That breach, which the FBI attributed to a gang called DarkSide, led to a spike in gasoline prices, panic buying and localized fuel shortages.

Several major U.S. companies have suffered ransomware attacks in recent years, including UnitedHealth Group, gambling giants MGM Resorts International, Caesars Entertainment CZR.O and consumer good maker Clorox.

While its unclear what exactly is happening at Halliburton, ransom software works by encrypting victims' data. Typically, hackers will offer the victim a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars.

If the victim resists, hackers sometimes threaten to leak confidential data in a bid to pile on the pressure.

The ransomware group DarkSide, suspected by U.S. authorities of the Colonial Pipeline attack, for example, said it wanted to make money. Colonial Pipeline's CEO said his company paid a $4.4 million ransom as executives were unsure how badly its systems were breached or how long it would take to restore the pipeline.

(Reporting by Liz Hampton in Denver and Chris Sanders in Washington)