x
Limited Time Offer: Save up to 20% on a new CIS SecureSuite Membership | Learn more
×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world



About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization


secure specific platforms
Secure Specific Platforms


cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments


View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities



CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources


learn
Learn


filter by topic
Filter by Topic


View All Resources  
CIS Logo Show Search Expand Menu

Just What The Cyber Doctors Ordered – OT For Pharmaceutical Companies

April 20, 2021

TripWire

Several digital attacks against pharmaceutical companies have made news in the past few years. Back in 2017, for instance, Merck fell victim to NotPetya. The wiper malware spread to the pharmaceutical giant’s headquarters, rendered years of research inaccessible, affected various production facilities and caused $1.3 billion in damages, according to Bloomberg News. A couple of years later, European Pharmaceutical Review reported that Swiss multinational healthcare company Roche had suffered an attack at the hands of the Winnti malware group—just one year after Bayer confirmed an incident concerning the same attackers.

Attacks in the pharmaceutical industry haven’t slowed down since then. According to Help Net Security, organizations in the pharmaceutical and biotech sectors witnessed a 50% increase in digital attacks between 2019 and 2020. It appears that at least part of those attacks originated from nation-state actors who specifically sought to steal COVID-19 vaccine research. Beyond that aim, SCADAfence noted that nation-state actors commonly target organizations in those two sectors to steal intellectual property and gain a technological or commercial advantage for companies in their own countries.