A ransomware assault has considerably disrupted the operations of a key provider to the US oil trade.
In a regulatory submitting despatched to the US Securities and Alternate Fee (SEC) on November 7, Texan firm Newpark Sources mentioned an unauthorized third occasion gained entry to a few of its inside data programs on October 29, an intrusion that led to a ransomware assault.
Newpark Sources is a worldwide supplier of value-added drilling fluids programs and composite matting programs generally utilized in oilfields.
Among the firm’s trade companions embrace the American Petroleum Institute, the Unbiased Petroleum Affiliation of America (IPAA) and the US Chamber of Commerce.
Learn extra: The Colonial Pipeline Assault Eight Months On
Newpark’s Incident Response Plan Shortly Activated
Within the SEC submitting, Newpark Sources mentioned that the assault had precipitated disruptions and restricted entry to some vital programs and enterprise purposes supporting elements of its operations and company features, together with monetary and working reporting programs.
“Nevertheless, the corporate’s manufacturing and area operations have continued in all materials respects using established downtime procedures,” the report added.
In response to this assault, Newpark engaged inside assets and exterior advisors to research and include the incident, aligning with its cybersecurity response plan.
The corporate continues to be evaluating the scope and influence of the assault, particularly regarding potential monetary implications. Nevertheless, it doesn’t anticipate the incident will have an effect on its monetary stability.
“Primarily based on the corporate’s present information of the information and circumstances associated to this incident, the corporate believes that this incident isn’t fairly prone to materially influence the corporate’s monetary situation or outcomes of operations,” learn the report. “Ought to any of the related information and circumstances substantively change, the corporate will make any required disclosures.”
US Oil and Fuel Business at Danger
The US power sector is at a very excessive danger of provide chain assaults, with 45% of safety breaches hitting this trade previously yr being third-party associated, in keeping with analysis printed in October 2024 by SecurityScorecard and KPMG.
Andrew Lintell, basic supervisor for EMEA at industrial cybersecurity supplier Claroty, mentioned the sector is poised to be at even greater danger following Donald Trump’s election, given the president-elect’s ambitions for increasing the oil trade.
“Important sectors like oil and gasoline are a high goal for ransomware assaults seeking to disrupt vital industries. With the Trump administration stating that it’ll improve the variety of oil drilling websites throughout the US, it’s clear that the sector shall be beneath an growing risk,” he mentioned.
“With the US now the biggest oil producer, even partial shutdowns of data programs can have severe implications on operational continuity and monetary stability. As oil drilling turns into extra superior and interconnected operational expertise (OT) utilization grows, we’ll see increasingly more alternatives for cybercriminals to take advantage of weaknesses.”
Signal as much as our upcoming webinar now: Navigating Exposures in Power ICS Environments
