Pharmaceutical Processing World

  • Home
  • Regulatory
    • Recalls
  • Pharmaceutical Processing
  • Facility
  • Supply Chain
  • Equipment and Materials
  • Contract Manufacturing
  • R&D 100 Awards

Cyberattacks against pharma rose in 2020 — but gauging their impact could take time

By Brian Buntz | December 31, 2020

Hacker

Image from Hacker Noon on Unsplash

The number of attempted cyberattacks on the pharma sector has surged in 2020, but it may be too soon to assess their damage.

Evidence of the uptick can be found in attempts by cybercriminals with ties to Iran, China and Russia to break into networks from top pharma companies and the World Health Organisation. 

Earlier this month, cybercriminals obtained data related to the COVID-19 vaccine from Pfizer (NYSE:PFE) and BioNTech (NSDQ:BNTX) after breaching the European Medicines Agency. The attacker obtained documents related to the regulatory submission for the BNT162b2 vaccine, according to a statement from BioNTech. 

Recently, cybercriminals with likely ties to North Korea launched a phishing campaign against AstraZeneca (LON:AZN) to gain access to the company’s internal servers. According to the Wall Street Journal, hackers affiliate North Korea have attempted to steal COVID-19 vaccine data from  Johnson & Johnson (NYSE:JNJ) and Novavax (NSDQ:NVAX). Also reportedly on hackers’ hit list are the South Korean vaccine developers Genexine Inc., Shin Poong Pharmaceutical Co. (KRX: 019170) and Celltrion (KRX: 068270). 

That fact reflects a broader trend. In 2020, there has been a considerable increase in the number of cyberattacks. In particular, there has been a surge in phishing and ransomware from cybercriminals looking to exploit the pandemic. “From our own statistics, we’re seeing a 20% increase in web application attacks,” said Terry Ray, SVP at the cybersecurity company Imperva. 

Web applications are widely used in the pharmaceutical industry for the simple reason that they facilitate collaboration and information sharing, Ray said. 

While some reports suggest that the number of successful breaches has decreased as attacks have increased, “that doesn’t make sense to me,” Ray said. In reality, it may simply be too soon to assess their impact. 

Security teams with the pharmaceutical, healthcare and manufacturing sectors have been forced to divert from standard practices. “This year, half of their focus has been on how to make their workforce more remote,” Ray said. As a result, there is less time for threat research, incident response and incident analysis. 

“We know that most companies don’t actually identify their own breach,” Ray said. “Somebody else tells them.” 

While nation-state-backed actors are targeting pharmaceutical companies to obtain vaccine data and information, they are in the minority. Nearly half (48%) of breaches in the broader healthcare sector have been from internal threat actors, according to the 2020 Data Breach Investigations Report from Verizon.  

No matter the source of a breach, assessing the impact of a single breach can take months. In general, the average time to detect and contain a breach in 2020 was 280 days, according to IBM. 

Ray suspects the number will increase because “you have fewer people looking at more things and trying to make sense of them,” Ray said. “For sure there are nation-state attacks that are going against [pharmaceutical companies] to try and get IP, but I think there are also people who are being opportunistic, saying, ‘I’m out of a job. I might as well be hacking.’”

Tell Us What You Think! Cancel reply

Related Articles Read More >

Beckman Coulter
Beckman Coulter Life Sciences names Suzanne Foster as president 
Comau
Comau launches cleanroom-classified high-speed industrial robot
Purdue University
Purdue University launches institute for advanced manufacturing of pharmaceuticals
sustainability
How pharma can optimize for right-the-first-time drug manufacturing and sustainability

DeviceTalks Tuesdays

DeviceTalks Tuesdays

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.

Need Pharmaceutical Processing news in a minute?

We Deliver!
Pharmaceutical Processing Enewsletters get you caught up on all the mission critical news you need. Sign up today.
Enews Signup
Pharmaceutical Processing World
  • Subscribe to Our Free E-Newsletter
  • Contact Us
  • About Us
  • Advertise With Us
  • R&D World
  • Drug Delivery Business News
  • Drug Discovery & Development
  • DeviceTalks
  • MassDevice
  • Medical Design & Outsourcing
  • MEDICAL TUBING + EXTRUSION
  • Medical Design Sourcing
  • Medtech100 Index

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Pharmaceutical Processing World

  • Home
  • Regulatory
    • Recalls
  • Pharmaceutical Processing
  • Facility
  • Supply Chain
  • Equipment and Materials
  • Contract Manufacturing
  • R&D 100 Awards