Tag Archive for: Pharma

Cybersecurity in pharma: Securing the future


National Forensic Sciences University (NFSU) checked the logs of the ransomware files at a city hospital after a cyberattack, they were surprised – the execution of the file, which took place at 2am, had been sitting pretty in the system since March!
“The latest attack was found to be of the ransomware of Phobos class, which has been around since 2018 and evolving continuously. According to our information, in the past one month, there have been two major attacks on hospitals and a major pharma company. Of the three cases, an FIR has been filed for only one,” said a senior cyber cell official.

ransomware attack

“There could have been more such attacks, but the companies are often afraid of reporting such incidents fearing infamy and change in the company safety perception,” he added.
Sources privy to the investigation said that a delayed cyberattack is not uncommon, but fewer such cases have been reported in Gujarat so far.
“Such tactics are used by the attackers when they want to cover a very large ground and infect lateral systems. As seen in this case, even the backup servers were infected. It’s possible when the root directory is controlled by the attackers and the cyber security does not detect the impending attack,” said a cyber security expert.
NFSU sources said that while the system is up and running after a few days of the incident, the decryption of data is still going on. In a majority of the cases, decryption poses a major challenge.
The hospital administration has been advised to adopt cloud storage to safeguard against such incidents in the future.
Sunny Vaghela, CEO of a city-based cyber safety firm, said that healthcare has remained a major target for country-based and international hackers because of the huge database the hospitals and pharma companies maintain.
“They often threaten to release the data on the dark web or sell it for a price. Prevention is better than cure, and here also, the demand for penetration testing is on the rise. Firewall breaches and delayed activation of the ransomware ‘payload’ indicate that active cyber safety measures remained ineffective. There could be many reasons for it including pending system updates to…

Source…

Sun Pharma Revenues Take a Shot due to Major Ransomware Attack


Sun Pharma, one of India’s leading pharmaceutical companies, has recently admitted that its operations and revenues have been impacted by a cyberattack on its IT assets that occurred on 2nd March.

 

Initially, the company stated that the incident did not impact its core systems and operations. However, a recent filing to the stock exchange reveals that the attack did have an impact on the company’s business operations and revenue.

 

The company has taken containment measures and isolated its network while initiating the recovery process but admits that some of its businesses will experience reduced revenues as a result of the attack.

 

This incident involved a breach of certain systems and theft of company and personal data. A ransomware group has claimed responsibility for the attack. The company has not been able to determine the full extent of the impact, including the possibility of additional security incidents, increased insurance costs, diversion of management and employee time, or the potential for litigation.

 

Sun Pharma’s recent cyberattack is the latest in a series of IT security breaches faced by pharmaceutical companies. Last year, Novartis was reportedly targeted by the hacking group Industrial Spy, which runs a marketplace of stolen data. Fortunately, Novartis managed to avoid any sensitive data being compromised.

 

AstraZeneca faced a similar security incident in November 2022 when some of its records were left exposed online due to a user error. Credentials for an internal server were mistakenly left on a code-sharing site, leading to the exposure of sensitive patient data for over a year.

 

These incidents serve as a stark reminder that no company or industry is immune to cyber threats. With the healthcare industry being the most targeted sector in India, pharmaceutical companies must remain vigilant and proactive in their efforts to protect their IT assets and data.

 

Sun Pharma ended Monday 1.15% up at Rs983.95 on the BSE, while the 30-share Sensex closed marginally higher at 57,653.86 points.

 

Source…

Sun Pharma says revenue may decline as operations hit due to ransomware attack


India’s largest drug manufacturer Sun Pharma on March 26 said its revenue is expected to decline as the company’s operations have been affected due to a ransomware attack.

On March 2, the pharma major said an information technology security incident had occurred and impacted IT assets. A ransomware group was behind the attack, Sun Pharma said.

“The incident’s effect on the IT systems includes a breach of certain file systems and the theft of certain company data and personal data,” it said in a filing with the stock exchanges on late Sunday.

The Mumbai-based pharma company said it has isolated the network and initiated the recovery process as part of the containment measures.

“As a result of these measures, the company’s business operations have been impacted. Consequently, revenues are expected to be reduced in some of our businesses,” Sun Pharma said.

However, the company said it would incur expenses concerning the incident and the remediation.

Sun Pharma said it is unable to determine other potential adverse impacts of the incident, including but not limited to additional information security incidents, increased costs to maintain insurance coverage, the diversion of management and employee time, or the possibility of litigation.

Sun Pharma was up 0.44 per cent on Monday, trading at Rs 977 on BSE by 10 am.

Source…