Ransomware Attack On Health Tech Firm Hits C-19 Clinical Trials – Security Experts Perspectives

In response to news of a ransomware attack on eResearch Technologies, a company whose clinical trials software is widely used in clinical trials, including in AstraZeneca’s Covid-19 vaccine trial and in Bristol Myers Squibb in a multi-company initiative to develop rapid COVID-19 testing, experts offer perspective.

Experts Comments

October 06, 2020
Chloé Messdaghi
VP of Strategy
Point3 Security
We don’t know how the ransomware attack happened – if it was caused by phishing, no surprise. There's been an intense upscale in attacks. Anything connected to sensitive data for COVID-19 is definitely under threat by foreign nation state actors or foriegn competing companies looking to find usable information. Or it could be an individual attacker or a group of attackers trying to collect money. Attackers understand this has exceptional worth because the companies are very well positioned.....Read More
We don’t know how the ransomware attack happened – if it was caused by phishing, no surprise. There's been an intense upscale in attacks. Anything connected to sensitive data for COVID-19 is definitely under threat by foreign nation state actors or foriegn competing companies looking to find usable information. Or it could be an individual attacker or a group of attackers trying to collect money. Attackers understand this has exceptional worth because the companies are very well positioned financially, and that clinical trials make a quick payoff very advantageous. This attack is disturbing – if associated with any medical company or connected with test data, it’s important for all involved to be held accountable for security, and constantly practice testing employees against phishing attacks. This is something that could make a positive impact in a very dark time so psyops could be involved.  Read Less
October 06, 2020
Saryu Nayyar
CEO
Gurucul
Ransomware attacks are not slowing down, and the recent attack on eResearch Technology, shows that no organization is safe - no matter what field they're in. While the attack didn't directly affect people involved in the clinical trials to develop a vaccine against Covid 19, the damage done may slow down research towards a vaccine, which potentially hurts all of us. Including the attackers. There are tools such as behavioral analytics that can help organizations identify and mitigate these.....Read More
Ransomware attacks are not slowing down, and the recent attack on eResearch Technology, shows that no organization is safe - no matter what field they're in. While the attack didn't directly affect people involved in the clinical trials to develop a vaccine against Covid 19, the damage done may slow down research towards a vaccine, which potentially hurts all of us. Including the attackers. There are tools such as behavioral analytics that can help organizations identify and mitigate these attacks, but it is time for law enforcement agencies across the world to step up their efforts against these international criminals. Security practitioners can do our part to secure our environments, but we don't have the ability, or the authority, to stop these attacks at their source. Only the international law enforcement community can do that.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.