Attacks on the biotech and pharmaceutical industry have risen by 50% in 2020 compared to 2019, according to a new report from BlueVoyant.
These findings come amid positive recent news regarding the development of COVID-19 vaccines. It is unsurprising therefore that the cybersecurity firm found that eight of the most prominent companies working to create a vaccine for this virus have faced disproportionate levels of targeted malicious attacks in 2020 compared to other major pharma organizations.
Additionally, the researchers said the number one emerging threat this year is nation state espionage aimed at stealing COVID-19 vaccine research data, although the top threat overall in this sector remains ransomware.
In an analysis of open-source records of 25 publicly reported attacks during the past four years as well as research into 20 companies, including 12 of the largest biotech and pharma organizations in the world, BlueVoyant noted an escalating number of attacks. It observed that of the 25 attacks reported to the media since 2017, 10 (40%) occurred in 2020, while 80% of the 20 companies researched had experienced malicious, international and focused efforts this year.
Worryingly, most of the companies analyzed had not implemented important defenses against these types of attacks, such as securing open remote desktop access ports and phishing security.
Jim Penrose, COO, BlueVoyant, commented: “Pharmaceutical companies develop highly lucrative IP, they handle large amounts of patient and healthcare data and as such are a prime target for criminals looking to compromise, steal and exploit information. Now they face an even more elevated risk environment in the current pandemic as well-resourced nation state actors mount aggressive and focused campaigns.”
Jim Rosenthal, founder and CEO at BlueVoyant, added: “The ongoing effort to find a vaccine and cure for COVID-19 is an endeavor we all want to succeed. The high level of cyber-risk associated with the firms working on this critical mission ought to be a call for action to take immediate measures to drive down cyber-risk. Around the globe all citizens want peace of mind that these firms will guarantee confidentiality, integrity and availability in their research, development, manufacturing and data management activities as they race against the clock to deliver life-saving breakthroughs.”
Earlier this week, it was reported that data breaches in the healthcare industry are expected to triple in volume in the coming year.