BlueVoyant Report Reveals Biotech and Pharmaceutical Industry under Aggressive and Targeted Attack

As the industry ramps up global vaccine production and distribution, report highlights the attack types and emerging threats that are likely to intensify

New York, NY – November 18th, 2020: BlueVoyant, a cybersecurity services company, today announced the findings from its Biotech and Pharmaceutical 2020 Report, which showed that attacks on this industry had increased by 50% between 2019 and 2020. The report highlighted that nation-states are ramping up cyber attacks on companies that are developing vaccines, and this is likely to increase as production and distribution gets underway.

BlueVoyant analysis examined open-source records of 25 publicly reported attacks that have taken place in the last four years. It set out to define key risks and how COVID-19 has changed the threat landscape. Establishing that ransomware is still the number one threat vector for this industry, the report identifies the key risks that companies face and the steps they need to take to mitigate these. BlueVoyant undertook additional observational and in-depth research into 20 companies – 12 of the largest biotech and pharmaceutical organizations in the world, and eight that were most active in developing COVID-19 vaccines.

Key findings from the report include:

  • The number one emerging threat in 2020 is nation-state espionage aimed at stealing COVID-19 vaccine research data. That said, the top threat overall is still ransomware.
  • COVID-19 vaccines are the crown jewels in 2020 with eight of the most prominent companies in the race for a vaccine facing high volumes of targeted malicious attacks. These are often out of proportion to their size and larger attack volumes than well-known pharmaceutical giants.
  • Biotech and pharmaceutical companies are under daily attacks which include brute force, phishing attempts, and targeting of vulnerable web applications.
  • Attacks are escalating. Of the 25 attacks reported to the media since 2017, 10 (40%) took place in 2020.
  • Key defenses against such attacks such as securing open remote desktop access ports and phishing security had not been implemented across most of the observed companies.
  • 80% of the 20 companies analyzed showed signs of more targeted attack activity.


Commenting on the research, Jim Penrose, COO, BlueVoyant said: “Pharmaceutical companies develop highly lucrative IP, they handle large amounts of patient and healthcare data and as such are a prime target for criminals looking to compromise, steal and exploit information. Now they face an even more elevated risk environment in the current pandemic as well-resourced nation-state actors mount aggressive and focused campaigns.

“Most organizations in this sector are significantly scaling up their digital platforms but cyber posture lags. They need to continuously monitor new attack vectors. Importantly, once they have secured their own systems, they need to look outward to supply chain cybersecurity because this sector, more than most industries, has interconnected digital business ecosystems with many supply chain dependencies. Supply chain cybersecurity is a critical step in ensuring against third-party cyber risk.”

The report highlighted several key implications:

  • First, nearly all (80%) of companies targeted experienced malicious, intentional and focused efforts. Even more troubling, over a quarter (7 out of 20) showed signs of compromise.
  • Second, attackers used automated tools and infrastructure and three quarters used programmatic brute force attacks, meaning they had acquired a credential database and then bought an automated program to target specific companies.
  • Third, these incidents occurred without regard to company size, area of focus or geography. The wide distribution of attacks did not follow a clear pattern, which means that organizations were under attack from sophisticated and knowledgeable cyber actors.


Jim Rosenthal, founder and CEO, BlueVoyant, concludes: “The ongoing effort to find a vaccine and cure for COVID-19 is an endeavor we all want to succeed. The high level of cyber risk associated with the firms working on this critical mission ought to be a call for action to take immediate measures to drive down cyber risk. Around the globe all citizens want peace of mind that these firms will guarantee confidentiality, integrity, and availability in their research, development, manufacturing, and data management activities as they race against the clock to deliver life-saving breakthroughs. We have recently seen the first death of a patient in Germany attributed to ransomware paralysing a hospital’s networks. We need to ensure that the growing surge of attacks against the pharmaceutical sector does not disrupt the delivery of healthcare, and the production and distribution of COVID-19 vaccines in 2021.”

About BlueVoyant

BlueVoyant is an expert-driven cybersecurity services company whose mission is to proactively defend organizations of all sizes against today’s constant, sophisticated attackers, and advanced threats.

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200 and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, Manila, Toronto, London, and Latin America.

BlueVoyant Press Contacts:
Danielle Ostrovsky
C8 Consulting (Americas)
T: 001 410-302-9459
E: danielle@c8consulting.co.uk

Jim Pople
C8 Consulting (EMEA)
T: +44 7955 030191
E: jim@c8consulting.co.uk

Preview BlueVoyant - Biotech and Pharma Release
DOWNLOAD PRESS RELEASE