Hacking Groups, Including State Organized Actors, Targeting Medical Researchers

The proprietary clinical research data of elite biotechnology firms is under attack by global hackers. Sinister groups seek to digitally usurp intellectual property: the research output of biotech companies and other medical research organizations is increasingly the target of sophisticated criminal cyber-villain organizations. Criminal gangs then either hold the data hostage or potentially resell it to others interested in a purchase.

The Genesis Biotech Story

Most recently, Genesis Biotechnology Group, a Hamilton, NJ-based biopharma venture with several units, was the victim of a malware attack. It acknowledged in a statement this week that it was the victim of a cyber-attack. Although it didn’t share the name of the division that was attacked, media outlet Bleeping Computer reported that a unit of GBG, Medical Diagnostics Laboratory, was hit with “Maze ransomware.”

Major CRO Targeted

Charles River Laboratories, a major contract research organization (CRO), was also recently targeted. Based in Wilmington, Mass., the CRO reported an incident involving unauthorized access to segments of its information systems and the copying of data by an intruder. The company revealed no details. But the CRO notes in one of its investor disclosures to the SEC, “Our contracts with our clients typically contain provisions that require us to keep confidential the information generated from the studies we conduct. The unauthorized access detected, as well as any future breaches, could expose us to significant harm including termination of customer contracts, damage to our customer relationships, damage to our reputation and potential legal claims from customers, employees and others.”

Biopharma Data Highly Sought After

Biopharmaceutical research data is increasingly desired by hacking groups. Security experts, such as attorney Marti Arvin of the security consultancy CynergisTek, report that “State actors have been targeting these types of organizations in an effort to acquire proprietary information.”

Vulnerable Institutions

Targeted researchers are often in collaboration with a variety of organizations, from academic medical centers and hospitals to biopharmaceutical sponsors, not to mention government agencies.

Tactics are Changing

Hacking gangs’ tactics are changing. For example, ransomware gangs such as Maze, Sodinokibi and DoppelPaymer increasingly dump, or threaten to dump, data stolen in their attacks, reports GovInfoSecurity. Examples include the Maze gang’s theft of nearly 700 MB of data from Allied Universal and its subsequent leak of health data from Medical Diagnostics Laboratory. Brett Callow, a threat analyst at Emsisoft, a security company, reported, “Every ransomware incident is now a potential data breach, and consequently, detection and prevention are more critical than ever.”

Hack Gangs

The FBI recently warned companies about the Maze hacking gang. The perpetrators often pose as a government agency and lift proprietary, often highly sensitive information, reports Cyberscoop.com.

Moreover, ransomware experts report that the Maze perpetrators’ strong-arming tactics are a sign of things to come. One expert noted, “We expect to see an increasing trend of threat actors stealing sensitive data from victim organizations before encrypting the data in the victim environments.”


Jason G. Weiss, a former FBI special agent and forensics expert who is now an attorney at Faegre Drinker Biddle & Reath, reports, “The top threats facing medical researchers, drug development firms and similar types of companies is the evolving nature of high impact cyberattacks, especially focusing on high impact ransomware, new types of malware and a brand new emerging cyberthreat known as disruptionware,” an emerging category of malware designed to suspend operations within a victim organization through the compromise of the availability, integrity, and confidentiality of the systems, networks, and data belonging to the target.

Cyber security should be top of mind for medical research organizations.