Pharma facility devices are now being targetted globally

Spread the love

Mumbai: Pharma facility devices are being attacked by cybercriminals. Kaspersky reveals an alarming trend of increasing cyberattacks on Pharma facility devices on a yearly basis.

From 44% of machines infected in 2017 and a 1% increase in 2018, this year’s number of detected attempts shows that nearly every 5-in-10 devices inside a pharma facility are now being targeted globally.

Amongst the countries which logged the most number of attacks are Pakistan (54%), Egypt (53%), Mexico (47%), Indonesia (46%), and Spain (45%).

Four more countries from the Asia Pacific region cap off the top 15 nations with the highest per cent of devices infected. These include India, Bangladesh, Hong Kong and Malaysia with more or less 4-in-10 machines with detected malicious attempts.

“While it is a known fact that money-hungry cybercriminals can easily earn by attacking banks, we also observe that these hackers, as well as cyberespionage groups, are slowly paying a lot of attention towards the industry of advanced medicine,” said Yury Namestnikov, Head of Global Research and Analysis Team (GReAT) Russia – Kaspersky.

“They are slowly realizing that pharmaceutical companies house a treasure trove of highly valuable data such as the latest drugs and vaccines, the newest researches, as well as medical secrets,” he continued.

“The rise of internet-connected operational technology (OT) inside these pharmaceuticals also contributes to the widening attack surface inside this sector,” added Namestnikov.

Among the Advanced Persistent Threat (APT) groups which have been waging sophisticated spying over pharmaceuticals globally include Cloud Atlas and APT10 also known as MenuPass.

“Based on our monitoring of several APT actors’ movements in the Asia Pacific and globally, we figured that these groups infect servers and exfiltrate data from pharmaceutical companies,” informed Namestnikov.

“Their attack techniques and behaviour also prove that these attackers’ apparent goal is to get their hands on intellectual properties related to the latest medical formulas and research results as well as the business plans of their victims,” he added further.

Vulnerabilities in open source EMR-systems and its dangers

In his own research, Denis Makrushin, Security Architect – Ingram Micro, revealed the risks that come along with the steady migration of hospitals from paper-based data storage to electronic medical record (EMR) systems.

Makrushin further noted that healthcare organisations, scrambling to digitize their data storage, see open-source EMR web-portals as an easy and quick option, despite their known security challenges.

“We are seeing lesser printed or hand-written medical books inside hospitals and clinics worldwide with the advent of open source. Given their limited internal IT workforce, healthcare institutions opt to use convenient services such as OpenEMR, OpenMRS or similar web applications. This technology’s rapid adoption triggers the rise of the threats against this widely-used services,” said Makrushin, OpenEMR and OpenMRS are open platforms for medical practice management.

Any organization can use this product for business without any restrictions. The source code of this product is also available for any developer. In addition, this software has certifications from trusted organizations (for example OpenEMR is ONC Complete Ambulatory HER certified).

Leave a Reply

Your email address will not be published. Required fields are marked *