Dive Brief:
- Newpark Resources, a Texas-based oilfield services provider, disclosed a ransomware attack in a regulatory filing Thursday with the Securities and Exchange Commission.
- On Oct. 29, Newpark discovered an unauthorized actor had gained access to some of its internal information systems, disrupting its access to those systems and business operations. However, the company said its manufacturing and field operations continued using established downtime procedures.
- Newpark has not yet determined the full scope and financial implications of the attack, however officials do not expect the impact to be material to operations.
Dive Insight:
The Newpark Resources attack took place about two months after a cyberattack against oilfield services giant Halliburton, which also disclosed the incident in a regulatory filing.
Halliburton just last week said the attack led to about $35 million in expenses, but the financial impact is relatively small considering that Halliburton is one of the world’s largest energy services companies.
Following the attack, Halliburton had to delay billing and collections and pause its share buyback program. But the company said the full impact will not be material to company operations.
The security of oil services companies are considered a key focus from a cybersecurity standpoint, as they provide essential materials and services to the energy sector. The energy sector has been one of top critical infrastructure providers under threat from ransomware groups and state-linked adversaries in recent years.
Chris Grove, director of cybersecurity strategy at Nozomi Networks, said the Newpark Resources attack highlights the importance of network segmentation, in order to protect networks when IT systems are under attack.
“Segmenting OT from IT limits the consequences to key operations in the event of a security breach,” Grove said in a statement. “However, organizations are facing an increasingly pressing challenge: maintaining the security benefits of segmentation while enabling controlled connectivity.”
Researchers from NCC Group told Cybersecurity Dive via email that no data from the Newpark Resources attack has appeared on any leak site and no claim has been made.