Western government agencies have been warning of an increase in cyber espionage from nefarious black hats and governments for years. The targets have typically been government and financial installations. But a new warning suggests that biotechnology could be a key target for cyber hackers.
Western government agencies have been warning of an increase in cyber espionage from nefarious black hats and governments for years. The targets have typically been government and financial installations. But a new warning suggests that biotechnology could be a key target for cyber hackers.
Recently, the federal National Counterintelligence and Security Center (NCSC) pegged biotechnology as a rich target for foreign hackers. A Chemistry World article noted that the government report points to the biopharmaceutical industry in particular as a potential target. Chemistry World reported that “biomaterials, biopharmaceuticals and new vaccines and drugs as of particular interest” to foreign hackers. Additionally, the government report said hackers are interested in garnering information on advanced medical devices, infectious disease treatment and genetically modified organisms.
“The United States remains a global center for research, development, and innovation across multiple high-technology sectors. Federal research institutions, universities, and corporations are regularly targeted by online actors seeking all manner of proprietary information and the overall long-term trend remains worrisome,” the NCSC report said.
The threat is not a new one. The pharmaceutical industry has already been hit with multiple cyber-attacks. Last year, pharma giant Merck was the target of an attack. In June 2017, Merck & Co., among other companies, was targeted by a malware attack that was believed to have originated in Ukraine. The malware strain, known as NotPetya, is a type of ransomware, and it shut down computer systems and sought to extort funds from companies in order to release those compromised systems.
When Merck was hit by the malware, the company said the event forced it to halt production, which hurt profits. It was enough to prompt federal lawmakers to take action after they feared drug shortages.
Cyber attacks, particularly ransomware attacks, are expected to be on the rise in the next few years. Earlier this summer, Kaspersky Lab’s APT trends report for 2017 pointed to hackers targeting corporate interests, including energy companies, TechRepublic reported.
Since the Merck attack, the threat of cyber warfare against the pharma industry has not waned. In March, Security Week highlighted a number of attacks on pharma and healthcare groups over the past year. The report noted that a U.S. clinic was attacked and data information from a Phase II trial was stolen. The report did not name the clinic, nor did it name the company or companies that were involved with the trial. Security Week noted that the same cyber bandit may have also been responsible for a similar attack on a U.K.-based facility that experienced a data breach of Phase II information.
The attacks on Merck and the other healthcare facilities highlights a need for companies to place a premium on data security. And that’s something that pharma companies appear to be making investments in, Pharmaceutical-Technology reported. Citing a GlobalData survey, PT reported that 79 percent of pharmaceutical companies are making investments in identity & access management (IAM) solutions. These investments are driven by the “need to manage electronic user identities and ensure data privacy while avoiding any misuse of critical business information.”
The same survey shows that pharma companies are also investing in data backup and archiving services to protect their proprietary information.
