Comment: Ransomware at healthcare firm delays clinical trials

A US healthcare company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments, and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks. The attack on eResearchTechnology, began two weeks ago when employees discovered that they were locked out of their data by ransomware, an attack that holds victims’ data hostage until they pay to unlock it. ERT said clinical trial patients were never at risk, but customers said the attack forced trial researchers to track their patients with pen and paper.

Full story here: https://www.foxbusiness.com/technology/health-tech-firm-testing-coronavirus-treatments-hit-by-ransomware-attack

Experts Comments

October 06, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
Healthcare organizations are a prime target for ransomware, as they contain sensitive patient data. For large, profitable organizations, cybercriminals know that they have the means to pay the ransom after their data is stolen. Unfortunately, cybercriminals are stealing intellectual property to auction it to the dark web to increase their financial profits from the attack. Having a defense-in-depth infrastructure makes it harder for cybercriminals to access the organization's intellectual.....Read More
Healthcare organizations are a prime target for ransomware, as they contain sensitive patient data. For large, profitable organizations, cybercriminals know that they have the means to pay the ransom after their data is stolen. Unfortunately, cybercriminals are stealing intellectual property to auction it to the dark web to increase their financial profits from the attack. Having a defense-in-depth infrastructure makes it harder for cybercriminals to access the organization's intellectual property to install malware or ransomware. If the cybercriminals are successful, an effective monitoring program will detect the exfiltration of data. Security awareness training for employees contributes to a robust cybersecurity program strategy since many of these attacks come from phishing emails.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.