• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

How the Vulnerable Healthcare Industry can Protect Themselves

October 28, 2020 By Trevor Collins

In another series of attacks on COVID-19 research, an attacker disrupted Dr. Reddy’s servers in India, Brazil, Russia, the United Kingdom and the United States. Headquartered in India, Dr. Reddy’s has connections with other major pharmaceuticals in the US and Europe. While we saw previous attacks on hospitals and research centers, this attack for the first time targeted a large pharmaceutical company researching and distributing a COVID-19 vaccine. Curiously, this attack happened just days after it gained approval for trials of Russia’s final-stage trials of the Sputnik V COVID-19 vaccine. These trials were part of an agreement for 100 million doses of the vaccine in India.

Dr. Reddy’s CIO indicated they needed 24 hours to bring their services back online following this disruption:

“In the wake of a detected cyber attack, we have isolated all data center services to take required preventive actions. We are anticipating all services to be up within 24 hours, and we do not foresee any major impact on our operations due to this incident.”

Cyber criminals do not impose restrictions on their targets. In a Forbes article, many cyber criminals claimed they won’t hack the healthcare system but this didn’t stop others who take advantage of the situation. COVID-19 research creates high-value targets for ransomware while concerns over the economy mean fewer resources for safeguarding this research.

Dr. Reddy’s avoided serious harm to the company as far as we can tell. While you can’t substitute a strong firewall and endpoint protection, you can increase your cyber-security strength without significant costs by reviewing previous attacks. This Cybersecurity and Infrastructure Security Agency (CISC) page on Ransomware provides educational resources and examples of ransomware you can use to learn how to watch for it. You can also search on “ransomware email” using any search engine to bring up many examples of ransomware emails. Both available completely free. Again, this doesn’t substitute for actual security hardware and software, but it doesn’t cost anything but a little time to learn.

Share This:

Related

Filed Under: Editorial Articles Tagged With: covid-19, Healthcare

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Cybersecurity’s Toll on Mental Health
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use