Introduction
The pharmaceutical industry is undergoing transformative growth, projected to reach $1.39 trillion by 2028. This expansion is driven by an aging population and advancements in drug development. However, the industry’s rapid digital transformation and valuable data make it a prime target for cybercriminals, with 97% of pharmaceutical companies experiencing at least one cloud data leak. The interconnected pharmaceutical supply chain further amplifies these risks, leading to a surge in ransomware attacks, such as the 2024 Cencora cyberattack.
Background
In February 2024, Cencora, a global leader in pharmaceutical distribution with $262.2 billion in revenue, was targeted by a sophisticated cyberattack. Attackers exfiltrated critical data, including intellectual property, financial records, and customer information.
The Attack
The Attack
- Likely a ransomware attack by the Dark Angels group.
- Attack vector possibly involved spear-phishing, malware, or zero-day vulnerabilities.
- Attackers remained undetected for an extended period, exfiltrating sensitive data before initiating the ransom demand.
Impact
- $75 million ransom payment.
- Additional costs for investigation, data recovery, and security enhancements.
- Loss of sensitive intellectual property, disrupting research and jeopardizing competitive advantage.
- Reputational damage and erosion of trust among partners and customers.