Five data leak trends overlooked by Pharma

March 25, 2022

Most Pharma companies are aware of ransomware. Frighteningly enough, ransomware is constantly evolving into an ever more robust weapon against the Pharma industry. Developers have recently modified their software to offer complementary capabilities; these modifications let malicious-software makers provide a suite of malevolent utilities, known as Ransomware as a Service (RaaS), with no money up front. But I’m not here to talk about the tools of bad actors that you’re already aware of. I’m here to discuss five ways that Pharma loses data to stealthy attackers.

Email

It goes without saying that email is the weakest link in your data security chain. In fact, email accounted for over half of all malware infection attempts in 2020, making it the most common method of spreading malicious software. What’s behind the problem? Mostly human error. Too often, employees download suspicious attachments from their emails. After self-installing, a virus can attack databases commonly used by Pharma, like SQL, and leak information. The solution: robust virus detection for all downloads, or a file sharing suite that’s immune to attackers.

Spreadsheets

Far worse, Excel formulas, which cannot be blocked via anti-virus software, can conceal malicious code. Macro viruses work by inserting code into spreadsheet macros. These disruptive bits of code target software rather than the operating system. They have been lingering around since 1995; they’re nothing new. In fact, the virus was accidentally included on a CD-ROM called Microsoft Compatibility Test that was shipped by Microsoft back in the 90s. Once up and running, these viruses can sniff out files and share them over the network.

The thing about Excel formula macros is that, unlike normal chunks of code, the user cannot disable them. And so it’s wise to avoid downloading Excel sheets from less than trustworthy sources. The best idea: use a secure file sharing platform.

Firmware

Woefully, firmware viruses aren’t that unusual: 80% of enterprises were victims of at least one firmware attack in the past two years. Despite being ordinary, these attacks can be deadly for industries that work with sensitive information, such as Pharma.

VPNFilter, a particularly harmful firmware virus, installs malware onto the router. This in turn collects files and data as they pass through network devices.

Not only does this wicked software sniff out data from traffic, it also installs additional malicious plug-ins that monitor network traffic to grab sensitive user information. In addition, this heinous software works to convert HTTPS web traffic into unencrypted HTTP, so that bad actors can extract your login credentials or account information.

These viruses are usually installed, by accident, as an add-on. For instance, one of the most common VPNFilters, which has lingered since Cisco first identified it in 2018, is the Modbus Traffic Filter.

Modbus is a data communication protocol that’s been around since 1979. It’s used for programmable logic controllers, the kind a factory might use to make medicine.

On to the Lesser Criminals

These guys don’t win an award for sophistication, and they aren’t as big an issue for Pharma, but they remain relevant: Man in the Middle and Brute Force attacks. I’d hope that most of the Pharma industry is well insulated from these low-level attacks. In technical savvy, I compare them to DDoS (something that doesn’t steal data but is meant to disrupt): lowbrow.

Man in the Middle

This hack involves Wi-Fi eavesdropping, something that is a high risk in these days of employees working from cafes. Worst of all, it isn’t that hard to do: almost anyone can snoop out your passwords while you use public Wi-Fi.

Brute Force

Believe it or not, hackers can still attack your system, even at a Pharma company, by brute force. To do so, bad actors feed previously breached username/password combinations into automated software. The software then tries these passwords across a large number of sites, hoping to find a match. Sadly, there were about 193 billion attacks, globally, last year.
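
On the defender's side, replayed breach lists leave a recognizable footprint in login logs: one source failing against many different accounts. The sketch below is an added example, not code from the original article; the log format, the thresholds and the name `find_stuffing_sources` are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample log (hypothetical format; IPs are documentation ranges).
SAMPLE_LOG = """\
2022-03-25T10:00:01Z login user=alice ip=203.0.113.7 result=FAIL
2022-03-25T10:00:02Z login user=bob ip=203.0.113.7 result=FAIL
2022-03-25T10:00:03Z login user=carol ip=203.0.113.7 result=FAIL
2022-03-25T10:00:04Z login user=dave ip=203.0.113.7 result=FAIL
2022-03-25T10:00:05Z login user=erin ip=203.0.113.7 result=OK
2022-03-25T10:02:10Z login user=frank ip=198.51.100.20 result=FAIL
2022-03-25T10:02:19Z login user=frank ip=198.51.100.20 result=OK
2022-03-25T10:05:00Z login user=grace ip=192.0.2.44 result=FAIL
2022-03-25T10:05:01Z login user=grace ip=192.0.2.44 result=FAIL
2022-03-25T10:05:02Z login user=grace ip=192.0.2.44 result=FAIL
"""

LINE_RE = re.compile(r"^\S+ login user=(\S+) ip=(\S+) result=(OK|FAIL)$")


def find_stuffing_sources(log_text, min_users=4, min_fail_ratio=0.8):
    """Flag source IPs that fail logins against many *distinct* accounts."""
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines outside the assumed format are ignored
            user, ip, result = m.groups()
            attempts[ip].append((user, result))

    flagged = {}
    for ip, events in attempts.items():
        users = {u for u, _ in events}
        ratio = sum(r == "FAIL" for _, r in events) / len(events)
        # One user mistyping, or one account being guessed, has few distinct
        # usernames; replayed breach lists touch many accounts and mostly fail.
        if len(users) >= min_users and ratio >= min_fail_ratio:
            flagged[ip] = {
                "distinct_users": len(users),
                "fail_ratio": round(ratio, 2),
                # A replayed password worked here: force a reset for these.
                "needs_reset": sorted({u for u, r in events if r == "OK"}),
            }
    return flagged


if __name__ == "__main__":
    print(find_stuffing_sources(SAMPLE_LOG))
```

Repeated failures against a single account, like the `grace` lines in the sample, are deliberately not flagged by this rule and need a separate per-account failure counter or lockout.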