ENGlobal Corporation, a Texas-based provider of engineering and automation services to the US energy sector and federal government, has restricted access to its IT systems following a cyberattack. The company, which counts the US Department of Defense and Department of Energy among its customers, is currently operating at a limited capacity, with only essential business operations being maintained.

The cyberattack, which was detected on November 25, resulted in a threat actor accessing ENGlobal's systems and encrypting some of its data files. While the company has not explicitly confirmed the incident as a ransomware attack, the encryption of data files suggests that this may be the case. ENGlobal is currently investigating the incident and working to restore full access to its IT systems.

The timing of the restoration of full access to ENGlobal's IT system remains unclear, and the company has not yet determined whether the incident will have a material impact on its financial results. This lack of clarity is likely to be a concern for investors and customers alike, given the critical nature of the services ENGlobal provides to the energy sector and federal government.

The incident highlights the ongoing vulnerability of companies in the energy sector to cyberattacks. In recent years, there have been several high-profile attacks on energy companies, including the 2020 attack on Colonial Pipeline, which resulted in widespread fuel shortages. The energy sector's reliance on complex systems and infrastructure makes it an attractive target for cybercriminals, and companies like ENGlobal must remain vigilant in the face of these threats.

The incident also raises questions about the security of government contractors and the potential risks they pose to national security. As a provider of services to the US Department of Defense and Department of Energy, ENGlobal has access to sensitive information and systems. While the company has not indicated that any sensitive information was compromised in the attack, the incident serves as a reminder of the need for government contractors to prioritize cybersecurity and protect against potential threats.

As the investigation into the incident continues, ENGlobal will be working to restore full access to its IT systems and minimize the impact on its business operations. The company's customers and investors will be watching closely, and the incident serves as a reminder of the ongoing need for vigilance in the face of cyber threats.