The Pharmaceutical Industry is Heavily Targeted During the Global Crisis
During the current pandemic, cybercriminals are specifically targeting healthcare, pharmaceutical, and medical research organizations working on developing a vaccine for the virus.
- In May 2020, the FBI and the Department of Homeland Security’s cybersecurity agency issued a joint statement disclosing that the FBI is investigating “the targeting and compromise of U.S. organizations conducting COVID-19-related research” by the Chinese military and other Chinese hackers.
- In June 2020, hackers infiltrated servers in the epidemiology and biostatistics department of the University of California at San Francisco. The attack could not have come at a worse time, since the department was racing to develop a COVID-19 vaccine. Reports indicate that it took a week-long negotiation to free its ransomware-locked servers.
- According to a July 2020 U.S. Department of Justice indictment, Chinese MSS-affiliated actors have targeted various industries across the United States and other countries and recently probed for vulnerabilities in the computer networks of companies developing COVID-19 vaccines, testing technology, and treatments.[1]
- In the U.K., the National Cyber Security Centre documented a surge in state-sponsored attacks on British research institutions focused on COVID-19, and attributed much of that increase to Russia, Iran, and China.[2]
The list goes on. Cybersecurity incidents and ransomware attacks disrupt services and can also delay progress toward drug development and delivery. Intellectual property, sensitive and personal information, and, more importantly, lives are at stake, something we cannot possibly afford during a pandemic.
Nation-state-sponsored hacker groups are using every channel and methodology to infiltrate systems. Acknowledging this new sense of urgency, pharmaceutical and medical research companies need to step up all security measures to reduce the risk of breaches. Beyond strengthening OT and network security, understanding the application risks and vulnerabilities within their organizations, together with third-party service risk management, could be the crucial steps toward building cyber resiliency at the core.
From the perspective of application security, here are some ways that organizations can take proactive measures to prevent such disruptive attacks.
Protect Your Web and Mobile Apps from Hackers
Application weaknesses and software vulnerabilities are the primary reasons for external attacks. Cybercriminals use every method, from phishing and brute-force attacks to scanning the websites and servers of target companies for unpatched software they can exploit. An application security strategy allows organizations to continuously check and monitor existing and potential vulnerabilities in their applications. For example, dynamic application security testing (DAST) continuously scans external-facing websites for a wide range of security vulnerabilities and automatically detects code changes to web applications. This provides automatic detection and assessment of code changes, alerts for newly discovered vulnerabilities, and the ability to retest a single vulnerability without rerunning the entire assessment, offering an “always-on” risk assessment.
The same applies to mobile app development and the security best practices that minimize application risks. Organizations must put controls in place to analyze and monitor third-party mobile app risks. Given that mobile operating systems, architectures, development tools, and developer roles differ significantly from those of web and PC applications, more specialized training and AppSec testing tools are required for secure mobile app development to check for data leakage and other vulnerabilities.
Evaluate Third-Party Vendor Risks
Third-party vendors, including partners, suppliers, outsourced code development, and cloud hosting services, add to the growing threat landscape. The sheer volume of interrelated dependencies, combined with a lack of visibility into third-party coding practices and vendor asset management, compounds the complexity. In March 2020, ExecuPharm, a company that provides clinical research support services for the pharmaceutical industry, was hit by Clop ransomware. The ransomware group behind the attack published the sensitive data stolen from the company’s server.[3]
Regular security checks, communication about security awareness, compliance audits, and strict application security protocols are some positive ways forward for third-party risk management and mitigation. Application security testing with Software Composition Analysis (SCA) allows you to identify the third-party and open source components that have been integrated into all of your applications. Flaws in open source and unpatched libraries present a major challenge and can potentially be exploited. SCA analyzes applications for third-party and open source software to detect illegal, dangerous, or outdated code.
In Summary: The Need for a Proactive Approach to Cybersecurity
In the wake of these recent attacks, the pharmaceutical industry and those involved in medical research must implement a holistic approach to application security testing. Application security aims to provide enterprises with early insight into vulnerabilities to help prevent hackers from taking advantage of weak applications. Security and development teams can assess code to identify and fix vulnerabilities at any point in the development process, or assess third-party apps, to ensure security is built in from the start.
Especially as accelerating digital transformation requires that software be built faster, organizations must ensure that cybersecurity remains a top priority – with an emphasis on application security. The app-driven economy is creating larger risks and higher stakes; it’s important to recognize the role of application security in your business reputation and continuity. The pharmaceutical industry’s average total cost of a data breach ($5.06M) is now fourth on the list, just behind healthcare, energy, and finance. By focusing on early detection and continuous monitoring, which is easier and much less expensive than the cost of a breach later, pharmaceutical and healthcare organizations can present a compelling business case for cybersecurity investments.
WhiteHat is helping Pharmaceutical Companies Strengthen their Application Security Posture
WhiteHat’s Application Security platform allows developers to incorporate security into the DevOps process to enable true DevSecOps. By prioritizing application security testing throughout the entire DevOps process, pharmaceutical companies can significantly lower the risk of outside threats from exploiting application-specific vulnerabilities.
- Use WhiteHat Sentinel Dynamic for continuous AppSec testing in production and WhiteHat Sentinel Mobile for securing mobile apps
- Use the Sentinel Auto API platform to get highly scalable, accurate, and fully automated vulnerability scanning for web service APIs, whether public, private, or internal-facing
- Confidently fix security vulnerabilities faster with WhiteHat Sentinel Source
- Use Software Composition Analysis to manage OSS and reusable components
- Access actionable reports that make it easy to communicate risk to business stakeholders
Check out our Solution Brief to learn how WhiteHat Security is helping Pharmaceutical companies strengthen their Application Security posture.