October ransomware attack exposed by Newpark Resources
In recent years, the energy sector has emerged as a top target for ransomware groups and state-linked adversaries, with oilfield services providers becoming increasingly vulnerable. This was recently exemplified by the attack on Halliburton, which resulted in a significant financial loss of $35 million, and the more recent attack on Newpark Resources.
Chris Grove, director of cybersecurity strategy at Nozomi Networks, emphasizes the importance of network segmentation in protecting networks during IT system attacks. By dividing a network into smaller, isolated sections, organizations can limit the spread of malware and reduce the potential damage of an attack.
The Newpark Resources attack, disclosed on October 29, 2021, disrupted the company's access to some of its internal information systems and business operations. The full extent and financial implications of the attack are still being determined. In contrast, Halliburton, the world's largest energy services company, reported relatively small financial impact from a similar attack.
Researchers from NCC Group have reported that no data from the Newpark Resources attack has been found on any leak site, and no claim has been made regarding the attack. Despite the disruption, Newpark's manufacturing and field operations continued using established downtime procedures.
Halliburton, on the other hand, was forced to delay billing and collections and pause its share buyback program following the attack. The security of oil services companies is a key focus from a cybersecurity standpoint due to their essential role in the energy sector.
To protect against such ransomware attacks, experts recommend regular security assessments and architecture reviews, enabling multi-factor authentication, implementing behavioral detection solutions, user education, regular backups, and keeping antivirus signatures, OS, and third-party applications up to date. By adopting a comprehensive and layered cybersecurity posture, organizations can harden defenses, reduce attack surfaces, detect potential threats early, and mitigate the impact should an attack occur.
Organizations also face a challenge in maintaining the security benefits of network segmentation while enabling controlled connectivity. According to Grove, segmenting Operational Technology (OT) from Information Technology (IT) can limit the consequences of a security breach to key operations.
As the threat of ransomware attacks continues to evolve, it is clear that the energy sector, and particularly oilfield services providers, must remain vigilant in their cybersecurity efforts to protect against these costly breaches.
- Cybersecurity strategies, such as network segmentation, are crucial in shielding organizations, particularly those in the energy sector like oilfield services providers, from the damaging impact of ransomware attacks, given their rising prevalence.
- Ensuring the security of oil services companies is vital from a cybersecurity standpoint, not only due to their central role in the energy sector, but also because ransomware attacks can inflict significant financial losses, as demonstrated by incidents like the attack on Halliburton and Newpark Resources.
