Pharmaceutical companies, cybercriminals’ favorite targets

Malicious actors have shown particular attention to the drug development industry

Information security and digital forensics specialists from the International Institute of Cyber Security report that multiple groups of malicious hackers are launching attack campaigns against different companies, especially organizations belonging to the pharmaceutical industry, sector in which attack campaigns have grown exponentially in the last two years.

This research was carried out by a cybersecurity firm, which analyzed the security incidents raised in the 500 companies with the most revenues in the whole world. One of the main conclusions that this analysis showed is that during the last quarter, the pharmaceutical companies suffered the most cyberattacks, averaging 71 malicious campaigns in each company in this sector, which means that the cyberattacks against the drug industry grew 149% over the same period last year.

Drug-developing companies are an attractive target for cybercriminals, as they safeguard a large amount of intellectual property on new drugs or compounds. Specialists in digital forensics believe that if an attacker gets access to information about new researches, they will surely find potential buyers in the black market.

Speaking of all industrial sectors in general, email fraud campaigns have also been on the rise; according to the investigation, email attack attempts grew 80% for all industrial sectors analyzed compared to the last quarter of 2017. In many cases, malicious actors try to deceive some employees in order to gain access to enterprise networks.

According to the research, a common tactic is that hackers spoof the email addresses of a company’s managers, trying to trick lower-tier employees into revealing data or even making money transfers. Although it seems a rudimentary form of cyberattack has proved successful, so the practice continues to be presented. According to specialists in digital forensics, many of the biggest data violations began with a simple spoofed message.

Behind the pharmaceutical sector, the construction companies were the second most attacked industrial branch, averaging 61 attacks in each organization. Completing the podium are real estate companies, with 54 attacks on average during the last quarter.

As for the annual figures, the drug industry is maintained in the first place, averaging 288 attacks per company throughout the 2018. On this occasion, real estate companies are left with second place, averaging 277 attacks in each company throughout the current year.

Digital forensics specialists suggest some ways that organizations can protect themselves from cyberattacks, such as training their employees to detect and report malicious emails, as well as having a backup plan in case cyberattack.