COVID-19 Vaccine-Maker Hit with Cyberattack, Data Breach

covid-19 vaccine maker data breach

Dr. Reddy’s, the contractor for Russia’s “Sputinik V” COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers.

COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports.

The Indian company is the contractor for Russia’s “Sputinik V” COVID-19 vaccine, which is about to enter Phase 2 human trials. The Drug Control General of India (DCGI) gave the company the go-ahead on Oct. 19.

In the U.S., it’s a major producer of generics, including therapeutics for gastrointestinal, cardiovascular, pain management, oncology, anti-infectives, pediatrics and dermatology.

In addition to shutting down plants, the drug-maker has isolated all data center services in order to apply remediations, The Economic Times reported. Citing sources, ET said that the company was victimized by a data breach.

“In the wake of a detected cyber-attack, we have isolated all data center services to take required preventive actions,” CIO Mukesh Rathi said in a media statement Thursday night. “We are anticipating all services to be up within 24 hours, and we do not foresee any major impact on our operations due to this incident.”

According to the BBC, production at some of Dr. Reddy’s facilities has been disrupted in India, and phone lines appeared to be down at two U.K. offices. The company hasn’t released details of the attack and has not commented on facilities being taken offline.

COVID-19 Espionage

This incident may or may not be related to the Hyderabad-based company’s involvement in COVID-19 vaccine development, but in general, espionage related to pandemic medical research has been an ongoing problem. Both private and state-sponsored groups are targeting pharmaceuticals because of the economic and influential advantages a successful vaccine will provide to countries, according to researchers.

In July, the U.S. Department of Homeland Security warned that Russia-linked group APT29 (a.k.a. CozyBear or the Dukes) has been targeting British, Canadian and U.S. research companies. The APT looks to pilfer COVID-19 vaccine research from academic and pharmaceutical institutions, in a likely attempt to get ahead on a cure for coronavirus, DHS warned.

Earlier on in the pandemic, the World Health Organization was targeted by the DarkHotel APT group, which looked to infiltrate its networks to steal information.

And meanwhile, the Justice Department recently accused Chinese government-linked hackers of spying on Moderna, the Massachusetts biotech company. The federal government is supporting the development of Moderna’s vaccine research, with nearly $1 billion invested and clinical trials underway.

“There is strong interest from cyber attackers on the pharmaceutical industry as research and development efforts are focused on creating a vaccine for COVID-19,” Chris Hazelton, Director of Security Solutions at Lookout, told Threatpost. “The first to market with a vaccine will have a significant competitive advantage, which is why there is a strong motive for IP theft in the pharmaceutical industry.”

As such, pharmaceutical companies should put IT resources into securing their unique environments, he added.

“Researchers spend a significant time away from desks, which means tablets and smartphones become the primary device used by lab technicians active in the development of drug formulas,” Hazelton said. “The pharmaceutical industry has always been at the forefront of technology adoption. They use tablets and smartphones as integral parts of the entire drug development and distribution process.

“With this intense focus on a COVID-19 vaccine, pharmaceutical security teams should assume there are threat actors inside their infrastructure,” he added.

Suggested articles