Skip to content
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Some Guy)   Pharma and Biotech companies have been the targets of more cyberattacks than any other industry, and the attacks are becoming more sophisticated. Click here if you'd like to prescribe a quick fix solution to a systemic problem   (biopharma-reporter.com) divider line
    More: PSA, Malware, biotech companies, cybercriminals' target lists, pharma industries, Eyal Benishti, Threat actors, Process management, lot of pharma companies  
•       •       •

200 clicks; posted to Business » on 18 Oct 2021 at 9:56 PM (7 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook



11 Comments     (+0 »)
View Voting Results: Smartest and Funniest
 
2021-10-18 10:36:27 PM  
Not surprising and also fark them
 
2021-10-18 10:49:03 PM  
As long as idiot employees click on every goddamned attachment and answer every question from questionable email addresses, companies will be vulnerable.

"Hey, what's this I found in the company parking lot! Someone must've dropped this flash drive! Mine now! Guess I'll plug it into the company computer and see what is on it!"
 
2021-10-18 10:57:34 PM  
Totally not surprised. Bio-Pharma really needs to adopt Google or Amazon's security practices.
 
2021-10-18 11:05:56 PM  

Nonrepeating Rotating Binary: As long as idiot employees click on every goddamned attachment and answer every question from questionable email addresses, companies will be vulnerable.

"Hey, what's this I found in the company parking lot! Someone must've dropped this flash drive! Mine now! Guess I'll plug it into the company computer and see what is on it!"


Is there even a single documented example of an actual dropped-USB attack in real life?
 
2021-10-18 11:51:03 PM  

Enigmamf: Nonrepeating Rotating Binary: As long as idiot employees click on every goddamned attachment and answer every question from questionable email addresses, companies will be vulnerable.

"Hey, what's this I found in the company parking lot! Someone must've dropped this flash drive! Mine now! Guess I'll plug it into the company computer and see what is on it!"

Is there even a single documented example of an actual dropped-USB attack in real life?


Yes.

https://www.wearethemighty.com/mighty​-​history/worst-cyber-attack-usb/

and if you search around, you'll find several more.
 
2021-10-19 12:31:47 AM  

meathome: Enigmamf: Nonrepeating Rotating Binary: As long as idiot employees click on every goddamned attachment and answer every question from questionable email addresses, companies will be vulnerable.

"Hey, what's this I found in the company parking lot! Someone must've dropped this flash drive! Mine now! Guess I'll plug it into the company computer and see what is on it!"

Is there even a single documented example of an actual dropped-USB attack in real life?

Yes.

https://www.wearethemighty.com/mighty-​history/worst-cyber-attack-usb/

and if you search around, you'll find several more.


The belief that that attack was initiated from a dropped drive is not substantiated by credible sources. From the wording of official reports, there's no indication that it wasn't a drive owned by the person using it.
 
2021-10-19 12:31:48 AM  
So is there some way to turn a DDOS attack back at it's source?
 
2021-10-19 12:53:10 AM  
Are companies starting to get back to internal networks? Like the banks have with the old microwave relays that are totally not the internet. Can't hack an air-gapped network... well, at least from far away. I know the old bit about the only safe computer being one taken apart and kept in a vault.
 
2021-10-19 2:57:14 AM  

Nonrepeating Rotating Binary: As long as idiot employees click on every goddamned attachment and answer every question from questionable email addresses, companies will be vulnerable.

"Hey, what's this I found in the company parking lot! Someone must've dropped this flash drive! Mine now! Guess I'll plug it into the company computer and see what is on it!"


And even when they don't, whatever unicorn-laden day that is.  This shiat's getting complicated.  Deepfaked voice calls, etc.
 
2021-10-19 3:12:56 AM  

wildcardjack: Are companies starting to get back to internal networks? Like the banks have with the old microwave relays that are totally not the internet. Can't hack an air-gapped network... well, at least from far away. I know the old bit about the only safe computer being one taken apart and kept in a vault.


Guess so, I've worked for places that do that.

Makes total sense
 
2021-10-19 6:40:26 AM  
Most of the companies I've interacted with have extremely sophisticated document control and security protocols for the research side. This becomes imperative once they get involved with clinical trials. It's a highly regulated environment. At least as of about 10 years ago, they still valued their IT infrastructure support people because their value was clear.

As many of you will know, there are two opposite polarities of IT support philosophy. There are those who work hard to enable you to get your work done, will even spend significant effort to understand what you do, what you want to do, what you need to do --- and will do their very best to find good solutions. And then there are those who try to tell you that you are allowed to do things their way. The latter type don't tend to last when the head of research at Pfizer complains about how his people are being hamstrung by some little shait.

However, the folks who work in sales and marketing often use different infrastructure. I could see the boys in marketing being easy targets for phishing. As for targets on marketing plans, who the hell cares. They're mostly BS anyway. I expect the scientific side will remain pretty safe and backed up. Their biggest fear would be espionage where a poorly paid technician walks out the door with a USB drive full of data for a promise of getting laid.
 
Displayed 11 of 11 comments

View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking




On Twitter


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.