Mer­ck left the door open to a dev­as­tat­ing cy­ber­at­tack, miss­ing two chances to raise a de­fense

Mer­ck missed two crit­i­cal op­por­tu­ni­ties ear­li­er this year to in­oc­u­late them­selves from the vi­cious cy­ber­at­tack they suf­fered this week, roil­ing op­er­a­tions and rais­ing ques­tions about their lack of prepa­ra­tion to de­fend them­selves.

The June 27 “Petya/Not­Petya” cy­ber­at­tack hit the multi­na­tion­al Mer­ck and sev­er­al oth­er com­pa­nies, such as the law firm DLA Piper, ship­ping gi­ant Maer­sk, and even a West Vir­ginia hos­pi­tal, which was forced to scrap its elec­tron­ic med­ical records in fa­vor of pa­per.

Unlock this article instantly by becoming a free subscriber.

You’ll get access to free articles each month, plus you can customize what newsletters get delivered to your inbox each week, including breaking news.

SIGN UP LOG IN BECOME A PREMIUM SUBSCRIBER