Cyber attackers targeting pharma cos for Covid-19 data: Cyfirma

Cyber-attack campaigns originating from Russia, China, Korea, and the Middle East have been targeting pharmaceutical companies, among other organisations in India to steal Covid-19 vaccine research data, patient information, clinical trials data, supply chain and vaccine production information, Singapore-based security research firm Cyfirma has said. Apart from India, organisations in 12 other countries are also being targeted. 

The company said in its report shared with ET that there are currently 15 active hacking campaigns underway and the targets are top pharmaceutical firms, hospitals and government health departments in India and other countries like US, UK, Japan, Australia and Spain. 

“The name and fame India has gathered in Covid-19 vaccine formulation and distribution is raising eyebrows amongst various groups. We have seen that most of these attacks on the healthcare sector and attack campaigns are being organised by state-sponsored groups,” said Kumar Ritesh, founder and CEO of Cyfirma, said. 

“The state sponsored attackers from various countries log onto dark web forums and state a high price point for the job. Cyber criminals then show interest and help in exfiltrating information from the companies and various nations. There are certainly Geopolitical and commercial motives behind such attacks,” he said. 

The ‘assets’ being targeted according to Cyfirma are pharmaceutical companies who are investing in medical research, clinical trials and vaccine production, vaccine supply chains, national vaccination campaigns, individual and personal information. 

Even government agencies in charge of approving vaccines, vaccine implementation tracking systems, and clinical trial information have emerged as key target areas, it said. 

Last year, major Indian pharmaceutical companies faced cyber-attacks on their IT facilities even as they were conducting vaccine trials. The report indicates that many of these cyber attack campaigns are being conducted since the first half of 2020. 

Indian pharma firm Dr Reddy’s Laboratories faced a cyber-attack in late October last year which forced it to shut down its production facilities briefly. The company had said in an exchange filing that it had isolated its data centre services as a preventive measure. The Hyderabad-headquartered drug maker reported the attack a few days after it had gotten regulatory approval to conduct human trials of a Russia's Sputnik V Covid-19 vaccine. 

In November, drug maker Lupin also confirmed an “information security incident” that had affected several of its internal IT systems. The company however said that its core system remained safe. 

In one of the campaigns that Cyfirma detailed in its report, a group called “UnwPock” has been active since June 2020 and is targeting global vaccine approval authorities, medical devices and pharma companies and hospitals in India. Other target countries include Italy, Australia, Japan, Taiwan, Brazil and Germany. 

The motivation behind such a campaign is to “exfiltrate intellectual property, medicine chemical combination, sensitive databases and customer information for geopolitical and competitive advantage,” according to the firm. The modes of attack in this case have predominantly been through spear phishing, exploiting databases and content management systems of companies, among others. 

Another campaign called “cold unseco33” which has been active since October 2020 has also been targeting global pharma companies including those in India working on Covid-19 vaccines. 

The central objectives around all these hacking campaigns are to gain access to sensitive information related to vaccines and medical research to create competitive advantage and to cause companies reputation damage, said Cyfirma. 



Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

Former FARC guerrilla, Colombian cop pose naked together to promote peace deal