Who:
Victim: Halliburton, a major oil and gas services company.
Perpetrator: RansomHub ransomware gang.
What:
Incident: A ransomware attack on Halliburton by the RansomHub gang on August 21, 2024. The attack caused significant disruptions, preventing customers from generating invoices or purchase orders due to downed systems.
Response: Halliburton activated its cybersecurity response plan, involved external advisors including Mandiant, took systems offline to protect them, and notified law enforcement. They also provided customers with a list of Indicators of Compromise (IOCs) for detection and mitigation.
Impact:
Operational Disruption: Halliburton's IT systems and business operations were widely affected, creating a major impact on its customers in the oil and gas industry.
Customer Trust: Lack of detailed communication from Halliburton has caused uncertainty among customers, with some disconnecting from the company.
Broader Risk: Other oil and gas companies are assessing their own vulnerabilities in coordination with ONG-ISAC, an industry cybersecurity agency.
Threat Landscape: The FBI issued a warning about RansomHub, which has been involved in multiple high-profile attacks this year, indicating the group's growing threat to critical infrastructure.
Read the full article HERE