Life Sciences Industry Becomes Latest Arena in Hackers’ Digital Warfare


A global pandemic has left life sciences companies with giant targets on their backs for cyberattacks.

As of December, at least six pharmaceutical companies in the U.S., U.K. and South Korea working on COVID-19 treatments were targeted by North Korean hackers, according to the Wall Street Journal. The hackers were out for sensitive information to sell or weaponize.

Many hospitals running COVID-19 antibody trials have seen at least triple the attempts to access servers compared to previous years. Intelligence agencies have warned health care systems repeatedly about vaccine-related research thefts by nation-state-backed hackers.

In a report, the U.K. government identified life sciences as the main target of intellectual property theft after analyzing 26 different industries. Medical records are now ten times more valuable to hackers than credit card details.

Being a smaller company doesn’t exempt you from the trend. A majority of targeted cyber-attacks are on small and medium-sized businesses. BioSpace has the scoop on keeping your company safe from Ben Hall, a cybersecurity expert.

“One of the reasons why health care is one of those easier targets is typically because they don’t necessarily have a formal IT staff that is dedicated towards security. They are often more operational in nature. Security is a part of their process but not necessarily the focal point,” Hall said. “It opens up that opportunity for criminals to come in and spread whatever malicious intent they’re able to implement.”

Hall recommends all organizations have some type of formal risk assessment done annually, either internally or externally. For those without a dedicated IT security team, cybersecurity companies can help seek out every weakness or potential opportunity for hackers to get in, then work with the company to mitigate those risks.

These security evaluations should be done not only on the network’s security, but also on a user level. Ongoing staff training is essential. Even something as simple as clear instructions on what to do when a work badge is lost is important.

Hall recommends employees use a robust password that isn’t easily guessed. And no, that sticky…