COVID-19 Research Company Hit by Ransomware

Cyber attacks on the healthcare industry continue to rise during the COVID-19 pandemic. The latest attack may have slowed down coronavirus research worldwide.

Over the last few weeks, the healthcare industry has been in the limelight. Several medical facilities and healthcare groups have been hit by ransomware attacks. We have discussed how the healthcare industry is a soft target, that they need to dedicate more of their budgets to cyber security, and that these attacks can be crippling and even cause death in patients. This issue isn’t going anywhere, and the latest victim, eResearchTechnology, says their attack slowed down COVID-19 research. The impact is potentially worldwide.

eResearchTechnology is a Philadelphia-based medical software company. Their software, which provides tools for conducting clinical trials, is utilized by pharma companies around the globe. This includes the trials for COVID-19 vaccines. The attack started on September 20, at which point systems were taken offline. The company says the threat is contained and they are in recovery mode. Motivation for these attacks is currently unknown, although the attacker could range from anyone who is financially motivated to someone who is backed by a nation-state looking to gain an advantage in coronavirus research.

The company was forced to switch to pen and paper for tracking patient data when systems were taken offline, bringing the entire process to a screeching halt. Which poses a problem for any company using its software worldwide. eResearchTechnology was involved in tracking 75% of drug approval trials in 2019. IQVIA and Bristol Myers Squibb were both impacted, but Pfizer and Johnson & Johnson state they have not seen any impact at this time. The two impacted companies mentioned that thanks to data backups, the impact was minimal, which cannot be said for each company affected by this attack.

“There’s been an intense upscale in attacks,” Chloé Messdaghi, vice president of strategy at Point3 Security told Threatpost. “Anything connected to sensitive data for COVID-19 is definitely under threat by foreign nation-state actors or foreign competing companies looking to find usable information. Or, it could be an individual attacker or a group of attackers trying to collect money. Attackers understand this has exceptional worth because the companies are very well positioned financially, and that clinical trials make a quick payoff very advantageous.”

There are a few things to take away from this attack.

***Click here for full text***

Originally published at https://www.pwvconsultants.com on October 9, 2020.