Halliburton is grappling with a significant computer system issue and media reports indicate that the oil industry giant is investigating a potential cyberattack. According to Reuters: “Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem.”
“We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact,” a Halliburton spokesperson said in a statement reported on by CNN. “We have activated our pre-planned response plan and are working internally and with leading experts to remediate the issue.”
Looking at the significance of the cyber-incident for Digital Journal is Roman Arutyunov, Co-Founder at Xage Security.
Arutyunov is especially concerned about the rise of cyber threats facing both the oil and gas industry and the broader critical infrastructure sector.
Arutyunov sees a potential solution. This path forward is with implementing a zero trust cybersecurity framework across all U.S. infrastructure.
Arutyunov begins his analysis by outlining the events that have taken place: “The alleged cyberattack on Halliburton, the second-largest oil service company in the U.S., underscores the urgent need to strengthen our infrastructure against increasingly sophisticated cyber adversaries. Securing our infrastructure is not just about protecting individual companies; it’s about safeguarding the fabric of our society, economy, and global supply chain.”
In terms of the implications of these types of cyber-warfare, Arutyunov takes the issue down to the level of the average citizen: “Hits to our critical infrastructure have outsized impacts on everyday people. They can have environmental and safety risks.”
Furthermore: “They can also disrupt everyday life – as we saw with the most recent high-profile attack in oil and gas – the Colonial Pipeline attack of 2021. They also hurt the economy, which in turn, hurts us all. With regulations, oil and gas has made leaps to be more secure (other industries cannot boast 3 years between major attacks), but there’s a lot of work still left to do.”
At the heart of the ease of some of these attacks are internal weaknesses, which Arutyunov pinpoints: “Many companies still rely on outdated cybersecurity measures.”
There are measures that can should be taken, observes Arutyunov: “All critical infrastructure operators must adopt zero trust cybersecurity solutions, as this model has become essential in the fight against evolving threats.”
By this Arutyunov means: “Zero trust emphasizes robust authentication, continuous monitoring, and least privilege access, ensuring that every user and device is thoroughly verified and every access request is meticulously scrutinized.”
This comes together, citing back to the recent issue, as: “By embracing this approach, organizations like Halliburton can significantly bolster their cyber defences, reduce risks, and safeguard their critical systems and data from potential breaches.”