Flipping the Script: Security Concerns for Pharma IT
A major name involved in the Petya cyber-attack in late June is a familiar one in the pharmaceutical industry – Merck. The pharmaceutical giant – who notably has some operations in Ukraine, the country disproportionately affected by the attack, was one of hundreds of companies affected by the global cyberattack. (See our post detailing the attack here.)
It said that its systems had been shut down following the attack. Detailing the extent of the impact, one Merck employee told The Washington Post, “some people looked like they had their hardware wiped — it just shut down the whole network site.”
Merck issued a series of posts (included below) to its Twitter account, updating its followers after the security breach.
What other actions did Merck take in the wake of the attack? As Philly.com reported – “An internal Merck communication early Tuesday warned employees that the company was the target of a ransomware attack and advised them to disconnect their computers from the network.”
Security Lessons for the Pharma Industry from the Merck Cyber Attack
In its response to the attack, Merck said that after containing the issue, it had followed business continuity plans, as part of its efforts to minimize disruption to its partners and customer base. By June 30, three days after the attack, Merck appeared to have resumed operations, stating that it was once again fulfilling orders.
What lessons can be drawn from the cyberattack on Merck and how they were able to bounce back after the breach?
As if we didn’t already know, this demonstrates how critical disaster preparedness is, particularly for industries serving a critical function, like pharma. When it comes to technology platforms, pharma companies should be discerning and only partner with the right providers, who meet baseline security requirements and can cater to the unique needs of the industry.
Not only does dinCloud have extensive experience working with companies in the pharmaceutical industry, we can help support your HIPAA and PCI requirements. For more detail on our pharma experience, see our case study featuring a national group of compounding pharmacies. It details how we were able to streamline their operations when they switched over from a competitive virtualization solution.
We also have a number of related resources for pharma companies, for those interested in the Merck breach: