Following the recent trend among Japanese firms, such as West Japan Railway, Tokyo Electric Power Company Holdings, and some local governments, who have all fallen victim to cyberattacks as reported by The Japan Times, pharmaceutical giant Eisai has joined the list.
Last week, the company reported that a number of its servers had been hit by a ransomware attack, although no reports of leaked confidential information have been made public, nor is the company aware of any leak. The same hacker group that was responsible for hacking the former establishments is suspected to be responsible for this attack.
In the attack, data on several company servers has been encrypted, and the company is still assessing the possibility of data leaks, although it will take time to assess the full extent of the damage caused. The impact that this will have on the company’s earnings also has to be assessed to see if any revisions have to be made. Eisai announced that it will be sharing an earnings forecast as soon as possible.
In an effort to restore the system and respond to the threat, the company has been working with police officials and external experts. The drugmaker has also cut off links with part of its domestic and overseas internal systems in a bid to limit any further damage. Although these systems have been shifted online, the firm’s corporate websites and email systems remain operational. Within the firm, a company-wide task force has been established to get to the root of the problem.
It is still unsure if monetary demands are being made for the confidential data being held hostage since Eisai has refused to disclose this information.
According to an official at the National Center of Incident Readiness and Strategy, the reason that the country may be being targeted for such attacks is that Japan will be hosting the G7 summit. As a result, officials have warned relevant organizations to stay alert.
Eisai is not the only drugmaker that has had to fend off cyber attacks. In recent years, many biotechs around the world have faced similar issues. For example, in early April this year, a German biotech Evotec had to shut down its network of IT systems after unusual activity was reported on them. Before that, in March, after an IT security breach, Sun Pharma had to respond by isolating its system.
Hacking group Industrial Spy also claimed to have posted data stolen from the laboratory environment of the manufacturing plant of Novartis last year. However, the Swiss pharma confirmed that no sensitive data was compromised due to the cyberattack.
Only last month was Merck able to gain a verdict regarding its 2017 NotPetya cyberattack. The positive ruling considered the infection of machinery in Merck’s global network. More than 40,000 pieces of technology were affected by the attack. In the end, the attack was attributed to Russia’s military intelligence operations by the U.S. government.