Oil giant Halliburton Co. was hit by a cyberattack on Wednesday that disrupted business operations at the company’s Houston, Texas campus, as well as some of its global networks.

The exact form of the attack has not been disclosed. Halliburton said only that it was aware of an issue affecting certain systems at the company and was working to determine the cause of the problem. Additionally, the company said it was working with “leading external experts” to fix the issue.

According to an unnamed Halliburton employee who spoke with Reuters, the company has asked some staff not to connect to internal networks.

Halliburton is a major provider of products and services to the energy industry, specializing in the exploration, development and production of oil and natural gas. Founded in 1919, the company offers various solutions, including well construction, well completion, drilling and production optimization. Halliburton operates in more than 70 countries, providing both onshore and offshore services.

Though the form of attack has not been disclosed, if it sounds like ransomware, it usually is. That Halliburton is asking employees not to connect to certain systems would indicate an internal effort to prevent the attack from spreading laterally across the network. And hiring external experts is usually near the top of any company’s ransomware reaction list.

If it is ransomware, it isn’t the first time an oil company or similar has been targeted. A ransomware attack on Colonial Pipeline Co. in 2021 caused disruptions and fuel shortages on the East Coast of the U.S.

The idea that it’s likely ransomware is also supported by cybersecurity experts.

“While this is purely speculation as only Halliburton officials and their security team know what is causing disruptions due to the cyberattack, it wouldn’t surprise me to learn that ransomware is the culprit,” Jim Doggett, chief information security officer at Active Directory security and recovery solutions provider Semperis Inc., told SiliconANGLE via email. “Kudos to Halliburton for activating their recovery plan that was in place to deal with these types of incidents.”

Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., agreed that it has all the signs of a ransomware event.

“These attacks can be incredibly disruptive, stopping production and administrative tasks quickly and usually for an extended time,” Kron added. “Typical ransomware attacks will take an organization offline for at least seven days and will often take more than a month to recover completely.”

Image: SiliconANGLE/Ideogram