Showing: 1 - 4 of 4 RESULTS

Health tech firm testing coronavirus treatments hit by ransomware attack

 A ransomware attack on a health tech firm has slowed some clinical trials, including some involving treatments and vaccines for the coronavirus.

The target was a Philadelphia company that sells software used in hundreds of clinical trials, according to the New York Times.

No patients were affected.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

The attack on eResearchTechnology (ERT) began two weeks ago when employees discovered they were locked out of their data by ransomware.

The companies hit were IQVIA, a contract research organization helping to manage AstraZeneca’s Covid vaccine trial, and Bristol Myers Squibb, which is leading a consortium of companies to develop a quick test for the virus.

ERT has not said how many clinical trials were affected.

TRUMP’S SYMPTOMS LEFT AIDES ‘REAL CONCERNED’ AT FIRST BUT CONDITION HAS IMPROVED, MEADOWS SAYS

The company was involved in three-quarters of trials that led to drug approvals by the Food and Drug Administration last year, according to its website.


On Friday, Drew Bustos, ERT’s vice president of marketing, confirmed that ransomware had seized its systems Sept. 20.

TRUMP’S CORONAVIRUS INFECTION EPITOMIZES ‘OCTOBER SURPRISE,’ BUT IMPACT REMAINS ENIGMA

As a precaution, Bustos said, the company took its systems offline that day and notified outside cybersecurity experts as well as the FBI.

The company said it was too early to say who was behind the attack.

A spokesman declined to say whether the company paid its extortionists.

CLICK HERE TO READ MORE ON FOX BUSINESS

The incidents followed more than 1,000 ransomware attacks on U.S. cities, counties and hospitals over the past 18 months, according to the Times.

Source Article

Clinical Trials Hit by Ransomware Attack on Health Tech Firm

The incidents also follow more than a thousand ransomware attacks on American cities, counties and hospitals over the past 18 months. The attacks, once treated as a nuisance, have taken on greater urgency in recent weeks as American officials worry they may interfere, directly or indirectly, with the November election.

A ransomware attack in Germany resulted in the first known death from a cyberattack in recent weeks, after Russian hackers seized 30 servers at University Hospital Düsseldorf, crashing systems and forcing the hospital to turn away emergency patients. As a result, the German authorities said, a woman in a life-threatening condition was sent to a hospital 20 miles away in Wuppertal and died from treatment delays.

ERT’s clients at IQVIA and Bristol Myers Squibb said they had been able to limit problems because they had backed up their data, but the attack forced many clinical trial investigators to move to pen and paper.

In a statement, IQVIA said that the attack had “had limited impact on our clinical trials operations,” and added, “We are not aware of any confidential data or patient information, related to our clinical trial activities, that have been removed, compromised or stolen.”

Pfizer and Johnson & Johnson, two companies working on a coronavirus vaccine, said their coronavirus vaccine trials had not been affected.

“ERT is not a technology provider for or otherwise involved in Pfizer’s Phase 1/2/3 Covid-19 vaccine clinical trials,” Amy Rose, a spokeswoman for Pfizer, said.

Companies and research labs on the front lines of the pandemic have been repeat targets for foreign hackers over the past seven months, as countries around the world try to gauge one another’s responses and progress in addressing the virus. In May, the F.B.I. and the Department of Homeland Security warned that Chinese government spies were actively trying to steal American clinical research through cybertheft.

Source Article

Mounting Ransomware Attacks Morph Into a Deadly Concern

Hackers are increasingly targeting health-care institutions and threatening people’s well-being as their software attacks get more sophisticated and brazen.

Ransomware attacks, in which hackers cripple a software system until they receive a bounty, have surged this year, along with financial demands, security experts say. The attacks have been around for decades but have flourished as society has become more dependent on technology. Other factors include the rise of the cryptocurrency bitcoin, more advanced hacking techniques and, some say, the widespread adoption of cyber insurance.

“The trend has been going up for a while, but in 2020 it has just been skyrocketing,” said Dmitri Alperovitch, the chairman of Silverado Policy Accelerator, a nonprofit think tank focused on cybersecurity.

Hackers have expanded their targets to include health-care companies. This week, one of the nation’s largest hospital chains,

Universal Health Services Inc.,

diverted ambulances from some facilities after a crippling ransomware attack. It said the outage didn’t harm patients, but systems used for medical records, laboratories and pharmacies were offline at about 250 of the company’s U.S. facilities.

The attack occurred Sunday morning, and the Universal Health’s network remained offline Wednesday, though priority systems such as email and clinical operations systems were being restored gradually across the country, the company said.

In a separate incident in Germany, prosecutors have launched an investigation after a woman died earlier this month when her ambulance was diverted from University Hospital Düsseldorf in the country’s North Rhine-Westphalia state.

A ransomware attack hit the hospital on Sept. 10, shutting down computer systems and forcing it to reroute ambulances away from its emergency room for 13 days. IT systems there are still recovering, hospital spokesman Tobias Pott said Tuesday.

Attacks on medical facilities are worrying because delays in patient care have been directly linked to patient harm, said Joshua Corman, a senior adviser at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. “We’ve had a growing concern that this degraded and delayed patient care would lead to a demonstrable loss of life.”

Mr. Corman said he had hoped hackers would leave hospitals alone as they were swamped by the coronavirus pandemic, but that hasn’t happened. “We’d assumed that they would be smart enough not to attack, but I think [hackers’] assumption was that [victims] would definitely pay.”

Cybersecurity company

FireEye Inc.

says ransom demands for large organizations can range between $10 million and $30 million, and hackers are increasingly following up their ransom demands with threats to publish stolen data online, hoping to extract more money. Many companies make the payments.


“Victims are paying millions of dollars in ransom, and it’s continuing to perpetuate this criminal activity.”


— Dmitri Alperovitch, chairman of cybersecurity think thank Silverado Policy Accelerator

But some don’t. Last week, hackers released Social Security numbers and other private information after administrators at a Las Vegas public-school district refused to pay an extortion demand, The Wall Street Journal reported Monday.

This month alone, FireEye has tracked 100 ransomware incidents world-wide, more than twice

Suspected ransomware attack disrupts hospital chain

A suspected ransomware attack disrupted patient care at a large chain of hospitals and clinics operating in the United States and Britain, the latest in a series of cyberattacks on the health care system in recent months.

Universal Health Services said in a statement it suffered “an information technology security incident” on Sunday which “may result in temporary disruptions to certain aspects of our clinical and financial operations.”

UHS, which operates 26 acute care hospitals and other health facilities in the US and Britain, said acute care and behavioral health operations were “utilizing their established back-up processes including offline documentation methods.”

The cybersecurity blog BleepingComputer said the attack appeared to be using Ryuk, malware linked to North Korean hackers which encrypts computer systems until a ransom is paid.

One UHS employee told BleepingComputer that files were being renamed to include the .ryk extension used by Ryuk.

Employees discussing the attack on online message boards said ambulances and patients were being redirected from UHS hospitals to other facilities.

The incident marked the latest in a string of cyberattacks on health care facilities in recent months, with hackers preying on outdated computer systems and the belief that hospitals would be likely to pay a ransom to avoid endangering patients during the coronavirus pandemic.

Security researchers have said several other hospital systems have been hit by ransomware in recent weeks with possibly fatal consequences.

“More and more groups have started to steal data and using the threat of releasing it as additional leverage to extort payment,” the security firm Emsisoft said in a recent blog post.

“Cybercriminals are better resourced and more motivated than ever.”

Emsisoft said at least 219 organizations in the US government, education and healthcare sectors, including “multiple hospitals” have fallen victim to ransomware attacks.

rl/ch

Source Article