Pharmaceutical manufacturer, Merck, has revealed in its financial summary for the second quarter of 2017 that a devastating cyber-attack has disturbed its global operations, including manufacturing, research, and sales.
The attack in particular was not detailed, but it’s believed the attack in reference is the NotPetya malware attack that took place in June. The NotPetya malware outbreak impacted tens of thousands of victims across 65 different countries, targeting massive organizations like the Ukraine’s central bank, WPP, DLA Piper, and AP Moller-Maersk.
The security community initially believed NotPetya was a piece of ransomware, similar to that of WannaCry which also devastated hundreds of thousands of victims across the world. With closer analysis, experts were able to conclude that NotPetya was actually a wiper and that even if the victims paid, it was highly unlikely they could recover their files.
Merck announced last Friday that they have yet to fully assess the impact of the disruption and that they are still working to fully restore operations and minimize the impact of the incident. According to the statement made by Merck, they have largely restored their packaging operations and have partially restored its formulation operations. They are still in the process of fully restoring the Active Pharmaceutical Ingredient operations, but have yet to produce bulk produce since the attack. Throughout all of this, the company’s external manufacturing has not been impacted, allowing the company to fulfill orders and ship product across the globe. However, some other organizations have not proved so lucky.
FedEx stated last month that they are still working to restore all systems impacted by the malware attack. FedEx also admitted it may not be able to fully restore all affected systems and recover all the crucial business information encrypted by NotPetya.
Breach and Intrusion Detection requires forensic-level change detection for files, registry hives, service and process lists, network ports, and other indicators. In addition to reporting file changes, we forensically evaluate the normal operation of your IT systems and application and alert you of unauthorized or suspicious changes that could be potential malware like NotPetya. Even the most sophisticated strains of malware precipitate some sort of change in order to function. By deploying NNT Change Tracker Gen7, you give yourself the reassurance you can spot the most evasive malware and prevent a data breach from impacted your organization.
Read this article on SecurityWeek