A software company supporting hundreds of clinical trials — including coronavirus vaccine trials — has been hit by a ransomware attack that “has slowed some of those trials over the past two weeks,” reports the New York Times.
Employees “discovered that they were locked out of their data by ransomware…”
eResearchTechnology (ERT) said clinical trial patients were never at risk, but customers said the attack forced trial researchers to track their patients with pen and paper. Among those hit were IQVIA, the contract research organization helping manage AstraZeneca’s Covid vaccine trial, and Bristol Myers Squibb, the drugmaker leading a consortium of companies to develop a quick test for the virus. ERT has not said how many clinical trials were affected, but its software is used in drug trials across Europe, Asia and North America. It was used in three-quarters of trials that led to drug approvals by the Food and Drug Administration last year, according to its website.
On Friday, Drew Bustos, ERT’s vice president of marketing, confirmed that ransomware had seized its systems on September 20. As a precaution, Mr. Bustos said, the company took its systems offline that day, called in outside cybersecurity experts and notified the Federal Bureau of Investigation. “Nobody feels great about these experiences, but this has been contained,” Mr. Bustos said. He added that ERT was starting to bring its systems back online on Friday and planned to bring remaining systems online over the coming days…
One of ERT’s clients, IQVIA, said it had been able to limit problems because it had backed up its data. Bristol Myers Squibb also said the impact of the attack had been limited, but other ERT customers had to move their clinical trials to move to pen and paper.
The Times notes it’s just one of “more than a thousand ransomware attacks on American cities, counties and hospitals over the past 18 months.” Other interesting details from the article:
ERT’s vice president of marketing “declined to say whether the company paid its extortionists, as so many companies hit by ransomware now do.”
The attack follows what NBC News calls “one of the largest medical cyberattacks in United States history,” taking down the computer systems of Universal Health Services at over 400 locations.
“In May, the FBI and the Department of Homeland Security warned that Chinese government spies were actively trying to steal American clinical research through cybertheft… More than a dozen countries have redeployed military and intelligence hackers to glean what they can about other nations’ responses, according to security researchers.”
Two companies working on a coronavirus vaccine — Pfizer and Johnson & Johnson — emphasized to the Times that they weren’t affected by ERT’s issues, with a Pfizer spokesperson stressing they’re not even using ERT’s software.
of this story at Slashdot.
Source:: Slashdot