shutterstock-155296784-web
Carlos Amarillo / Shutterstock.com
15 September 2014Big Pharma

Pharmaceutical IP under threat from malware, says report

A newly revealed malware could be looking to attack the pharmaceutical sector in order to steal IP, a report has claimed.

The research, compiled by electronics company Belden Incorporated, said the Dragonfly malware, previously believed to be attacking the energy sector, could instead be linked to the pharmaceutical industry.

In the report, Defending against the Dragonfly cyber security attacks, part A – identifying the targets, the first of four, the victims of Dragonfly and its methods of attack are researched.

According to software security company Symantec, Dragonfly has been monitored since 2013 and uses two main pieces of malware, both remote access tools which allow an external operator to control a system.

The Belden report was compiled by Joel Langill, an independent integrated computer solutions (ICS) security expert who was commissioned by Belden.

According to the report, various factors led Langill to believe that the IP belonging to pharmaceutical organisations was the malware’s top priority.

Langill found that out of thousands of possible ICS suppliers, the companies targeted all offered products and services commonly used by the pharmaceutical industry.

The report also found that the Dragonfly attack is similar to another threat called Epic Turla and is likely to be managed by the same team.

That malware has been shown to have specifically targeted the IP of pharmaceutical companies as well, the report said.

“It seems likely that the Dragonfly and Epic Turla campaigns are being run by the same masters for the same primary motive, namely industrial espionage against pharmaceutical companies,” the report said.

“It also appears that the attackers are not just looking for the IP associated with the product, but also information related to building facilities.”

Langill told the Market Watch news website: “The potential damage could include the theft of proprietary recipes and production batch sequence steps, as well as network and device information that indicate manufacturing plant volumes and capabilities.”