In 2017, cybercriminals took control of computer systems at Merck & Co, locking them, and demanding a ransom. The hack disrupted multiple operations, including temporarily halting production of the HPV vaccine Gardasil.

While the motivation for the attack is still a topic of debate, the incident illustrated the potential financial and supply chain damage hackers can do to pharmaceutical companies if given the opportunity.

In the years since the Merck incident, the frequency of biopharma hacks has increased with German drug and chemical manufacturer Bayer being one of the most recent examples.

And the COVID-19 pandemic has exacerbated the problem. According to analysis by cybersecurity firm Bluevoyant, the number of attacks against drug manufacturers was 50% greater in 2020 than in 2019.

The surge—the authors say—is in part because companies developing SARS-CoV-2 vaccines and therapeutics are being targeted.

“COVID-19 vaccines are the crown jewels in 2020 with eight of the most prominent companies in the race for a vaccine facing high volumes of targeted malicious attacks.”

Remote access challenges

Drug firms that use digital technologies are the most likely to be targeted, says Saurabh Sinha, a cybersecurity expert at the University of Johannesburg in South Africa who has written about the risks faced by the sector.

“As Industry 4.0 expands, there will be more vulnerabilities than ever before. During the COVID-19 period, this has also been the case—because there were more users working offsite,” he points out.

One problem is that remote access systems require “leniencies that further open the possibilities for cyberattacks,” according to Sinha, who says biopharmaceutical companies need to adjust staff training to guard against attacks.

“The solution resides in an augmented approach and in continuing professional education to ensure the ‘digital fitness’ of individuals interfacing with a manufacturing process,” he continues”

Even after the pandemic, industry will need to more fully understand the range of potential vulnerabilities, Sinha says, citing data-enabled manufacturing operations as an area where cybercriminals often try break in.

“While hackers may be persons, this need not necessarily be the case; algorithms or bots may also deploy or develop interaction with a system. If instrumentation is connected to a network, particularly with connectivity to the internet, there is possibility to change conditions,” he tells GEN, adding that keeping bioprocessing system software up-to-date is key to any industrial cybersecurity strategy.

“If the software is routinely upgraded with security updates the likelihood of attack is less,” says Sinha. “It is also possible to have certain critical processes setup as a virtualized or localized network in a way this will reduce some conveniences and enable a more secure setup.”