eResearchTechnology, a company that offers clinical services and builds software used by the biomedical industry, was hit by a ransomware attack on September 20. Due to the extensive use of its tool by companies involved in Coronavirus research worldwide, the attack slowed down the research itself.
People eagerly await any new development related to COVID-19 research, particularly vaccines and quick tests. Cybercriminals usually have other plans, and they often hit industries involved in critical tasks. Ransomware is often wielded in these situations because such organizations could be more inclined to pay the ransom.
The company didn’t report the initial attack, and details only came to light in a New York Times report. Drew Bustos, ERT’s vice president of marketing, admitted that the ransomware incident took place on September 20, after which they called security experts and notified the FBI.
eResearchTechnology makes software used in numerous clinical trials, including by companies actively working to develop Coronavirus vaccines and therapeutics. That includes IQVIA, an organization that manages AstraZeneca’s COVID vaccine trial, and Bristol Myers Squibb, a pharmaceutical company working to develop a quick test.
Bustos also said systems are finally coming back online and should be working in the coming days. This means that it took them more than two weeks to fix the problem. It’s unclear whether the company paid the ransom or had other means to restore services.
While the cybersecurity incident didn’t stop the trials and therapeutics’ development, it likely prompted a slowdown. The ransomware attacks didn’t affect other vaccine trials, like those of Pfizer and Johnson & Johnson.
Unfortunately, this is not the first time a cybersecurity incident has hindered COVID-19 vaccine development. Just a few months ago, law enforcement agencies including NCSC, CSE, DHS CISA and the NSA issued a joint advisory regarding recent activities of APT29 targeting organizations from the US, UK and Canada involved in COVID-19 research.