The pharmaceutical industry might have been, and still is, a key player in the fight against COVID-19 and is still facing many challenges. But a virtual pandemic is among us – and it has been for quite some time. Cyberattacks target anyone and everyone, but some targets are of more value to malicious actors than others. The pharmaceutical industry is one such target. As part of a nation’s critical infrastructure, the industry, across the globe, is relied upon by billions of people – more than five billion people rely on at least one product manufactured by the pharmaceutical industry. Already an important player, the pharmaceutical industry is being depended upon more than ever before as governments attempt to tackle COVID-19. Such cruciality, and its access to extensive amounts of sensitive data, make the industry an extremely valuable target for cybercriminals.
While cyberattacks come in many forms, the pharmaceutical industry is most threatened by data theft and ransomware. According to IBM’s 2020 Cost of Data Breach Report, the pharmaceutical industry experiences the fourth-highest average total cost of a data breach. In some cases, data breaches allow malicious actors to harvest credentials to gain further unauthorized access to corporate networks. However, data theft is often enough in itself when the “right” data is stolen. And the pharma industry most definitely provides the “right” data. Pharmaceutical entities often obtain patient information, which is extremely valuable. It is, therefore, no surprise that 80% of data breaches compromise customer personally identifiable information (PII).
More concerning, however, is the industry’s access to medical information, which is even more sought-after. Also of value to malicious actors is the industry’s intellectual property. More than 30% of data breaches involve intellectual property theft, according to IBM. And the industry’s key role in the COVID pandemic means many pharma companies’ intellectual property might include vaccine information and distribution methods, which are valuable material to state adversaries. When victim to data theft, the entity faces many consequences, both direct and indirect. Some are the financial costs that are associate with a data breach are lawsuits and fines. However, the loss of business (as a result of diminished trust) accounts for the greatest expense at almost 40% of the entire cost, according to IBM.
Ransomware is a more harmful type of cyberattack, especially when targeting the pharmaceutical industry. Research by Black Kite found that 10% of pharmaceutical companies are highly susceptible to ransomware, with medium-sized companies as the most prone to such attacks. As part of critical infrastructure, pharmaceutical entities cannot afford any downtime… And the longer the disruptions to operations, the direr the consequences.
In 2017, Merck & Co fell victim to a ransomware attack that resulted in $1 billion worth of damages stemming from downtime and lost sales. With a low tolerance for downtime, a pharma enterprise will be more inclined to pay the ransom to ensure their operations are up and running as quickly as possible. With this in mind, targeting the industry during the pandemic will likely bring perpetrators great success. This is especially if a vaccine manufacturer’s cold chain (the organizations involved in providing the sub-zero conditions for COVID-19 vaccines) is hit and vaccine distribution is interrupted. Such a scenario became a reality when AmeriCold, a specialized cold storage provider, was hit with a cyber-attack. Luckily, the attack occurred when vaccines were only in the late stages of development, but it demonstrates just how vulnerable the industry is.
Spread of infection
The attacks mentioned above can infect enterprises in several different ways, one being through hardware-based attacks. What makes this infiltration method the most harmful is the ability for hardware attack tools to go undetected. The attack tools, known as Rogue Devices, work on the Physical Layer. Existing endpoint and network solutions do not cover the Physical Layer. Hence, attackers, having infiltrated their target, can operate without raising any alarms. The greatest obstacle for perpetrators of hardware-based attacks is the need for physical access. However, there are numerous vulnerabilities in the pharmaceutical industry that alleviate the physical access challenges.
While there is no vaccine to stop cyberattacks, there is a way to significantly reduce the risk of hardware-based attacks. Hardware security, is an aspect of security that remains sorely neglected. But, with Sepio’s Hardware Access Control (HAC-1) solution, enterprises have a one-stop-shop for all of their hardware security needs. HAC-1 enables Physical Layer visibility, providing a panacea to the gap in device visibility by detecting all IT, OT and IoT devices operating across the network and peripheral infrastructure. All devices are visible to HAC-1, and validating a device’s Physical Layer information, reveals it true identity.
The solution’s policy enforcement mechanism enables Hardware Access Control by enforcing a strict, or more granular, set of rules based on the device’s characteristics. And, importantly, HAC-1 instantly detects any devices which breach the pre-set policy, automatically instigating a mitigation process to block the device, thus preventing malicious actors from successfully carrying out an attack.
The solution is deployed speedily, all while using very few resources – that means no hardware and no traffic monitoring. Give us just 24 hours to show you how we do it; we will catch any (cyber) symptoms before you suffer real consequences.