Ransomware Plague COVID Trials

As nations race each other in search of the elusive vaccine, covert operators play dirty tricks.

Research that deals with data has long gone digital. That is of course a boost to data crunching and more accurate findings, but no longer can we ignore the perils of the digital world. Cybercriminals are increasingly launching ransomware attacks on the healthcare sector. Of late, the COVID-19 vaccine trials have turned out to be a soft target. More unnerving is the fact that quite a few state players are also engaging in this dirty game, along with traditional lone-wolf cyber bullies.

The latest in a long string of major attacks came on 20 September when eResearchTechnology (ERT) – a Philadelphia-based developer of healthcare software – found that its systems were under a ransomware siege. Employees in clinics and labs that use ERT’s software realised that they had been locked out of their data. ERT has been quick to allay fears regarding patient safety and stresses that clinical trial patients have not been impacted by the ransomware attack. However, their affected clients admitted that the attack forced researchers to continue patient-tracking for the trials via pen and paper.

ERT products are in widespread use for clinical trials across Europe, Asia and North America, including several trials and tests for the COVID-19 vaccine. The company website states that their software had been used in three-fourths of drug trials that got approved by the FDA last year. Their clients include leading names like IQVIA, the contract research organization behind AstraZeneca’s COVID vaccine trial, and Bristol Myers Squibb, the pharma company that leads a consortium working on developing a rapid test for the virus. However, two other pharma majors in the COVID vaccine race – Pfizer and Johnson & Johnson – said their trails were not impacted as ERT is not the technology provider for them.
While confirming the attack to the media, Drew Bustos, ERT’s vice president of marketing, asserted that the organisation had taken quick measures to address the threat.

He said that they immediately took the systems offline, sought help from external cybersecurity experts and notified the Federal Bureau of Investigation – and now it “has been contained”. Obviously, the company did not admit if any ransom was actually paid to get the systems unlocked. Unfortunately, of late, several organisations had to take the pay-up route to get their data back.
Pharma companies and drug labs have been repeatedly attacked by international hackers in the pandemic situation. Sources report more than a thousand ransomware attacks on American cities, counties and hospitals over the past 18 months. This is because some nations are taking recourse to underhand methods to track progress by other nations in tackling the coronavirus. According to New York Times reports, the F.B.I. and the Department of Homeland Security had directly warned the US administration in May of Chinese government spies trying to steal American clinical research through cybertheft. The NYT report also mentions that according to security researchers, over a dozen countries have redeployed military and intelligence hackers to gather any available information on how other countries are doing in terms of a vaccine or cure.

Merely a week before the ERT attack on eResearchTechnology, another major ransomware attack was launched on Universal Health Services, a key hospital chain with more than 400 locations. NBC News had termed this as “one of the largest medical cyberattacks in United States’ history.”
Other nations are not being spared too. Only weeks ago, Russian cybercriminals attacked 30 servers at Germany’s University Hospital Düsseldorf. As systems crashed, the hospital had to refuse emergency patients – leading to the death of a woman in a life-threatening condition. Although indirect, experts are considering this incident to be the first recorded death due to a cyberattack.