Infosec

Merck was hit hard by a vicious cyberattack yesterday. Here is what we know.

Merck had two pieces of unexpected news for biopharma yesterday, but the company only knew about one of them when the day started.

First came the stunning news its CETP outcast anacetrapib landed a positive PhIII.

Hours later, the company issued these two tweets, confirming their computer systems were “compromised” by the widely reported Petrwrap/Petya cyberattack:

Multiple efforts to reach Merck spokespeople by Endpoints News were unsuccessful.

The Washington Post reports Merck employees were asked to disconnect all mobile devices and “told not to interact with reporters or post messages on social media.” A company scientist who is not authorized to speak to the media told the paper, “some people looked like they had their hardware wiped — it just shut down the whole network site.”

The Philadelphia Inquirer quotes an internal email to employees which exhorts: “Until further notice, do not access the company network from your home or office. Use your mobile phone on cellular networks only, meaning do not connect your phone via Merck MSD WiFi.”

The screen that pops up on infected computers. Source: KrebsOnSecurity


Security conscious companies keep multiple redundancies of their most precious data, which would presumably protect centrally-located data housed in a company-owned cloud.  But that is far from certain at this point. Data on local hard drives of individual Windows computers are the only thing we know for sure has been infected by this virus. And even then, the data could be recovered, but only with a password supplied by the thieves.

This recent outbreak of “ransomware” follows a disturbing pattern of global attacks born out of the ShadowBrokers leak back in April, when cyberthieves openly distributed a number of (allegedly) NSA-authored tools which allows hackers to access the most sensitive part of Windows-based computers. Experts recommend always using the latest version of Windows — in that case, Windows 10, which is impervious to this attack — but giant behemoths like Merck never deploy cutting edge software without significant internal testing.

 

Read the latest story on Merck’s cyberattack here.


The best place to read Endpoints News? In your inbox.

Full-text daily reports for those who discover, develop, and market drugs. Join 21,000+ biopharma pros who read Endpoints News by email every day.

Free Subscription

Biomanufacturing