A Philadelphia company that sells software used in clinical trials was hit by a ransomware attack. This healthcare ransomware attack has slowed down some trails over the two past week.
This attack began two weeks ago, when employees of eResearch Technology discovered that they were locked out of their data by ransomware (a type of malware, in which attackers hold victims data until they pay to unlock it). ERT has not said that due to this attack, how many clinical trials were affected.
The company said that clinical trials patients were never at risk but customers said that due to attack trials researchers are forced to track their patients on pen and paper.
According to its website, last year the company’s software was used in three-quarters of trials that led to drug approvals by the Food and Administration. Its software is also used in Europe, Asia and North America.
On Friday, the vice president of marketing in ERT, Drew Bustos, confirmed that on sept. 20 their systems were seized.
Bustos further said that, as a precaution, the company took its systems offline and called in an outside cyber expert. They also notified the FBI for investigation.
Bustos said that, “Nobody feels great about these experiences, but this has been contained”.
He also added that on Friday, ERT was starting to bring its system back online and planned to have the system remain online for the next few days. It was too early to say who was behind the attack, Bustos Said. He declined to say ERT paid ransom for its data or not, as most of the companies do nowadays.
After this attack on ERT, last weekend another ransomware attack happened on Universal Health Services.
According to the report of NBC News, it appeared to be “one of the largest cyberattack on medical services in United States history”.
More than a thousand ransomware attacks have happened on American cities, counties and hospitals in the last 18 months.
These attacks were treated as a problem, but in the recent weeks they are taken very seriously, because American officials worry that directly or indirectly they can interfere in the November elections.
According to the news, due to a cyber attack a woman died in Germany. It may be the first death that has happened, due to a cyber attack.
In that case, a Russian hacker took down 30 servers in University Hospital Düsseldorf and forced the hospital to turn away emergency patients. According to Germany authorities, they sent a woman to a hospital 20 miles away. The woman was in life-threatening condition and due to delay in treatment, she died.
One of ERT’s clients, IQVIA, said that they were able to manage the situation, because they had backup their data. Whereas, other ERT customers said that for clinical trail, they had to move to pen and paper.
In a statement, IQVIA said that the attack had limited impact on their clinical trails operations. They also added that they are not aware that any confidential data or patient information related to our clinical trail activities has been removed or stolen.
We have noticed, during the past 7 months, companies and labs working on front lines in the pandemic have been repeat targets for foreign hackers. The FBI and Homeland Security warned in May that through cybertheft, the Chinese spies were actively trying to steal the data.
The Agencies said that healthcare, research sectors and other organizations working on coronavirus vaccine should be aware because they are the primary targets of this activity and take the necessary steps to protect their systems.