Novartis Latest Target in Cyberattack Extortion Plot


Novartis has fallen victim to a cyberattack. The Swiss pharma giant’s data was hijacked by a well-known online extortion ring dubbed Industrial Spy.

First reported by IT news site Bleeping Computer, the hacking group claimed it stole data related to DNA and RNA-based drug technologies. Industrial Spy attempted to sell the data on its Dark Web marketplace for $500,000 in cryptocurrency. The gang claimed the data was stolen “directly from the laboratory environment of the manufacturing plant,” Bleeping Computer said.

Time stamps for the data suggest it was stolen in February, according to a screenshot posted in the report. The data files shown in the screenshot were small, only 7.7 MB in size. It is unknown if the hacker collective had more data that was not listed at the time.

Novartis confirmed the breach to Bleeping Computer and told the website that no sensitive data had been compromised.

“We take data privacy and security very seriously and have implemented industry-standard measures in response to these kind of threats to ensure the safety of our data,” Novartis said in its statement, according to the report.

Cyberattacks are nothing new to the pharma industry. Two years ago, during the height of the pandemic, the Federal Bureau of Investigation’s Internet Crime Complaint Center reported that online crimes “have roughly quadrupled since the coronavirus pandemic.”

That year, hackers breached databanks belonging to the European Medicines Agency and had access to documents related to the regulatory submission of the COVID-19 vaccine developed by Pfizer and BioNTech. Also in 2020, a North Korean hacking collective known as Kimsuky is believed to be behind an attempt to steal data related to the COVID-19 vaccine developed by AstraZeneca.

In a previous interview with BioSpace, Andrew Douthwaite, chief technology officer for Colorado-based VirtualArmour, a cybersecurity company, said biotech and pharma companies are desirable targets due to the value of intellectual property. Douthwaite said that out of five major business sectors, the pharma industry is the second-highest target for hackers. That’s due to the value of the data, as well as cybersecurity gaps, he said. 

Prior to the COVID-19 threat, multiple companies within the industry were subjected to hacking. In 2019, sophisticated cyber thieves hacked into the databases of Charles River Laboratories and compromised some client data.

That same year, Partners for Quality, an organization that provides services and support to individuals with intellectual and developmental disabilities, reported unauthorized access to client information. In 2018, Sangamo Therapeutics reported a data breach after an executive’s email was hacked. Life sciences giant Johnson & Johnson was also the subject of a data breach that same year. The J&J breach compromised the emails of hundreds of people in Ireland.

Also in 2017, a U.S. clinic was attacked and data from a Phase II trial was stolen, and mid-stage data was also stolen from a U.K. CRO. That same year, pharma giant Merck was hit by a massive ransomware attack. The computer virus, known as NotPetya, shut down computer systems and sought to extort funds from Merck, as well as other companies, in order to release those compromised systems. The ransomware attack hindered Merck’s manufacturing of HPV vaccine Gardasil 9 for a short time and prompted concerns about a drug shortage.
