Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Hub Image

Incident Of The Week: Intruders Hack Into Charles River Labs

The biotech corporation confirmed the cyber security breach exposed client data

Add bookmark
Alarice Rajagopal
Alarice Rajagopal
05/24/2019

Charles River Labs is American corporation specializing in a variety of preclinical and clinical laboratory services for the pharmaceutical, medical device and biotechnology industries. The company reported that portions of its IT systems were hacked into last month by intruders who managed to copy a portion of its client data before the company contained the hack.

See Related: “Top 5 Cyber Security Breaches of 2019 So Far

Based on the information available to date, Charles River stated that there is no indication that data has been deleted, corrupted or altered. “We do have evidence that a relatively small number of clients (approximately 1%) may have had some data that was copied, and we have already notified each of these potentially affected clients directly. We believe that the known access point for the intruders has been closed and have no indication at this time of any continued, unauthorized activity in our information systems,” it said in a statement.

Charles River also noted that it is continuing to work with cyber security experts to further secure its current systems and infrastructure, as well as adding enhanced security features and measures to protect client data. Charles River also alerted U.S. federal law enforcement and is working with them as part of an active investigation related to this incident. The analysis of the fact pattern indicates that the intruders are highly sophisticated and well-resourced.

The statement asserts, “The security of the data we maintain for clients as well as our systems is a top priority. We invest heavily in the continuous improvement of our security programs and employ experts in advising us on the efficacy of our security controls. We deeply regret that this incident occurred and are committed to understanding what happened and avoiding any reoccurrence.”

The company released a Q&A document to provide some additional information. However, the company also cautioned: “While Charles River has taken substantial steps to minimize unauthorized access into its information systems, until its ongoing remediation process is complete, the company will be unable to determine that this incident has been entirely remediated.”

With more than 140,000 members, Cyber Security Hub is the vibrant community connecting cyber security professionals around the world.

More Hacks Inevitable In Biotech And Pharma

Andrew Douthwaite, chief technology officer for Colorado-based VirtualArmour, a cyber security company, told BioSpace that biotech and pharma companies are desirable targets for hackers and cyber thieves due to the value of the intellectual property. Out of five major business sectors, Douthwaite said the pharma industry is the second highest target for hackers. Because of the richness of the targets, as well as gaps in cyber security, Douthwaite said it is only a matter of time before another significant hack occurs within the pharma industry.

“I don’t want to be a scaremonger, but there are going to be more attacks,” Douthwaite said in a telephone interview.

The cyber attack on Charles River Labs comes nearly two years after the NotPetya network cyber attack that disrupted the manufacturing, research, and sales operations of Merck & Co.—and one year after LabCorp experienced a cyber attack, Genetic Engineering & Biotechnology News reports.

In its Form 10-K annual report for 2018, filed February 27, Merck quantified approximately $695 million in impact from the NotPetya cyber attack, whereas in July 2018, Laboratory Corp. of America Holdings (LabCorp) disclosed that it had detected suspicious activity on its IT network determined to be a new variant of ransomware. Other similar breaches reported include companies such as Partners for Quality, Sangamo Therapeutics and Johnson & Johnson.

In order to prevent more financial losses and more exposed patient data, Douthwaite offers this advice:

  • It is essential for companies to implement security plans and procedures that could mitigate future losses.
  • Offerings such as log-in management and the provision of 24-hour security services can help prevent an attack.
  • Look at the current security tools in place and identify gaps that could provide hackers an easier entrance.
  • Add a response phase, which includes the necessary guidelines and confidence for the enterprise to respond to a threat.
  • Backup servers are essential tools that can thwart cyber hostage-taking attempts like the evolving ransomware tactics.

“Not only could intellectual property be stolen from an attack, but also information that could provide criminal elements the necessary information on the development of potential bioweapons,” Douthwaite warns.

See Related: "Incident Of The Week" Articles

 

Tags: Cyber Security Biotechnology Hackers Data Breach Cyber Attack Charles River Labs Incident of the Week Pharma NotPetya Johnson & Johnson Merck & Co. Andrew Douthwaite VirtualArmour BioSpace Genetic Engineering & Biotechnology News Charles river biotech Charles river log in Charles river labs Nabila hack

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy