The Novartis campus in Basel, Switzerland. PhotoGetty images
Novartione of the largest laboratories in the world suffered a cyber attack by the group of cybercriminals Industrial spywho runs an extortion market where they sell data stolen by hacked organizations.
Yesterday, the group began selling allegedly stolen Novartis data on its website, accessible through the dark web, Tor by $ 500,000 in bitcoins. Industrial Spy says the information is related to Novartis DNA and RNA drug testing and technology and was stolen “directly from the manufacturing facility’s laboratory environment.”
The data sold consists of 7.7 MB of PDF files, dated February 25 of this year, probably when the data was stolen. Since the amount of data for sale is minimal, it’s unclear if that’s all of this the attackers stole or if they have more data to sell later.
It is a folder of 11 files in PDF format on analytical procedures, validated methodological reports and other laboratory procedures. This information appears to have been saved since last February 25th.
The information is divided into three parts: a Premium, which consists of paying $ 500,000 for Novartis information, with a promise to remove the information from Industrial Spy’s servers. If not purchased in 7 dayssuch information would appear in the general section and will never be removed from Industrial Spy’s servers with the possibility of being sold to multiple buyers.
The pandemic has increased the number of cyber attacks in recent years. According to sector studies, in these 12 months the number of cyber attacks has increased by 150% and the types of threats are constantly evolving.
Industrial spy is a relatively new group of cybercriminals, active this year, following the reconfiguration of big players like Conti.
The Novartis response
The pharmaceutical company is one of the largest in the world. AP photo
The site specializing in IT security Bleeping Computer He posted an email that he received from the company, during the consultation on the incident. “Novartis is aware of this matter. We have studied it thoroughly and can confirm that no sensitive data has been compromised. We take privacy and data security very seriously and have implemented industry standard measures in response to this matter. type of threats to ensure the security of our data “, they assured.
Industrial Spy is also known to use ransomware in attacks, but there is no evidence that the devices were encrypted during the Novartis incident.
The sales information would come directly from the manufacturing plant environment. Therefore, such information, as explained by the group of cybercriminals, would refer to Novartis’ RNA and DNA-based pharmaceutical technology; the development and next-generation technology for the development of current coronavirus vaccine variants, among others; and, on NOVARTIS gene therapy against cancer (KYMRIAH).
Novartis is a giant of the pharmaceutical world. The latest balances show the income for 25 billion dollars with a net profit of $ 8,200,000,000.
has more than 80 thousand employees.
Source: Clarin