Major U.S. oil field services firm Halliburton has confirmed its IT systems were impacted by a cyberattack after initially disclosing an issue with its systems, reports SC Media.
Some of Halliburton's systems have already been taken down to mitigate the incident amid ongoing efforts to assess its extent and restore affected systems, said the firm in a filing with the Securities and Exchange Commission (SEC).
However, additional details regarding the cause and perpetrators of the breach, as well as potential extortion, remain uncertain. Halliburton's confirmation has prompted ColorTokens Field Chief Technology Officer Venky Raju to urge organizations to adopt network microsegmentation controls and bolster audits for all internet-exposed devices.
On the other hand, the incident was noted by Axio Senior Cybersecurity Advisor Richard Caralli to have possibly involved the exploitation of poor cybersecurity practices. "These attacks don't necessarily involve advanced technology. Rather, they often succeed because of lapses in basic security measures. Mistakes, misconfigurations, and a lack of ongoing evaluation create vulnerabilities that can be easily exploited," said Caralli.