How pharma companies can avoid cyber threats
Jagdish Mahapatra, VP, Asia, CrowdStrike, explains the need for pharmaceutical businesses to be equipped with the tools, education and intelligence to prevent, predict and avoid future cyber threats
The pharmaceutical industry is an attractive target for cybercriminals as it regularly manages large volumes of sensitive data and high-level intellectual property. The focus on COVID vaccine manufacturing and distribution over the last couple of years has painted an even bigger target on the pharma companies. CrowdStrike’s 2021 Global Threat Report found that just last year-targetted intrusions focussed on infiltrating crucial networks to steal valuable data on vaccine research.
This interest in pharma companies continues unabated and security teams face an uphill battle to protect the business from further attacks. As digital transformation proliferates through most industry sectors, pharmaceutical companies are now operating more and more on a digital enterprise model. This includes collaborating regularly with various internal, external and outsourced partners in a technology supply chain to scale cloud environments. This increases the attack surface for potential intrusion activity and runs the risk of attack through compromised identities and credentials.
Security teams are overloaded and under-resourced and often lack visibility of potential vulnerabilities because the number of endpoints they need to monitor has grown. They have a partner supply chain who may have differing levels of cybersecurity posture and they are still challenged by a ‘work from home’ model where employees are often working on unmanaged devices. This is driving the need for a defence-in-depth strategy.
One of the biggest attacks of the last year or so, the Sunburst software attack, demonstrated, how, with a single code, an entire supply chain can be infiltrated. It was a complex supply-chain attack that injected malicious code into the software’s build cycle and initially infected about 18,000 customers downstream, including major firms and government agencies.
CrowdStrike Intelligence identified that ‘big game hunters’ have been actively targetting the healthcare sector throughout the pandemic. Phishing domains linked to VELVET CHOLLIMA were spoofing the UK, the US and South Korean pharmaceutical companies’ leading efforts on COVID-19 research. A month before this discovery, a similar decoy content was found in the environment of an Asian pharmaceutical sector organisation.
Closing the security gaps
As data sharing becomes more prevalent across the industry, companies are starting to grasp that a breach in their network that could subsequently spread to others will have staggering impacts on their reputation and may even lead to regulatory fines. The average time for cybercriminals to break out of t