Polymorphic malware starts data theft after ransomware attack. The Tardigrade malware is increasingly targeting biotechnology companies.
Biotech companies should review their manufacturing networks, many of which are used to manufacture critical drugs or vaccines, for signs of a newly discovered, sophisticated intellectual property theft attack. According to the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC), attacks using malware known as Tardigrade are currently spreading within the industry. The malware is highly configurable, adapts to the environment it has infected, and can act autonomously if cut off from the attacker's command-and-control server.
Tardigrade malware is highly configurable
BIO-ISAC member BioBright investigated attacks on two systems in spring and October. Both initially reported ransomware attacks on their respective networks. This is an unusual approach, given that the noisy nature of ransomware attacks contrasts sharply with the malware's inherent stealth. BIO-ISAC released some technical details this week indicating that the attacks are ongoing. Biotechnology companies in particular are therefore urged to be especially vigilant.
Biotechnology companies have to be careful
“This attack shows the creativity and the enormous efforts of attackers to attack industrial targets in several ways: on the one hand with a destructive element in the form of ransomware attacks, on the other hand with a cleverly camouflaged attack to steal intellectual property such as research results and production secrets,” explains Max Rahner, Sales Director DACH of the industrial cybersecurity specialist Claroty. “Fortunately, awareness of industrial cybersecurity in biotechnology is relatively high, not least because of numerous compliance requirements. And yet the attackers were successful. It is to be feared that other industries will also be attacked in a similar way, in which the level of security and transparency in their own systems is not yet so pronounced - with potentially serious consequences.”
About Claroty
Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.