Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of its 2021 Web Application Security for Healthcare report for the top 10 European pharmaceutical organisations, as ranked by Drugs Discovery and Development based on annual revenue, R&D spend, employee numbers, leadership and more.
Using Outpost24’s external attack surface management tool, the study evaluates the digital footprint of the Top 10 pharmaceutical organisations in the EU by discovering their internet facing web services and scoring the security exposure identified. Nearly 80% of organisations studied were over what Outpost24 considers as ‘critically exposed’ – above 30, indicating a high susceptibility to having security vulnerabilities presented externally for potential exploits. The findings revealed that the top EU pharmaceutical organizations run an exceptionally large amount of web applications compared to other industries, with 3% of them considered suspicious (e.g., test environments that should’ve been removed), and a further 18% using outdated components containing known vulnerabilities.
In the wake of the pandemic, the pharmaceutical and healthcare industry have become “big game” targets for cybercriminals, with by far the highest cost of data breach and prime examples including: COVID-19 vaccine producer, Pfizer/BioNTech, where thousands of sensitive information was leaked, recent targeting of ExecuPharm in March 2020 by nation state TA505 using Clop ransomware and the devastating impact on patients in the Springhill Medical Centre IT system attack.
Outpost24’s latest report examined the unique attack surface of pharmaceutical applications, highlighting how the pandemic has exacerbated cyber risk and presenting practical recommendations for mitigation.
Key Findings:
The report also highlights several other security and compliance issues including basic SSL, cookie settings, and privacy policy defects. Many of the attack vectors identified are easily fixable and could make a significant difference in reducing the risk of cyber-attacks and protecting critical patient information, intellectual property for new drugs and vaccines.
“As the attack surface and trade secrets that pharmaceutical organisations process become more pertinent, it will give threat actors more reasons and motivations to step up malicious attacks for profit and put public health at risk.” Nicolas Renard, Security Researcher at Outpost24.
“This research highlights the complexity of modern-day pharmaceutical and healthcare applications and the vast volume exposed on the Internet,” said Stephane Konarkowski, Security Consultant at Outpost24. “These results demonstrate how crucial it is for the industry to review their external footprint and vulnerability exposure to improve security hygiene in the face of the ransomware pandemic.”
To view the research and a full breakdown of the most prolific vulnerabilities reported within European pharmaceutical organisations, visit here.
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like

Most Inspiring Women in Cyber 2021: Anjali Das, Partner, Co-Chair Cybersecurity and Data Privacy at Wilson Elser

The IT Security Guru’s Most Inspiring Women in Cyber Awards aims to…

Small businesses facing upwards of 11 cyberthreats per day per device

BlackBerry Limited  has released the 2022 BlackBerry Annual Threat Report, highlighting a…

Fraudsters abuse Twitter APIs to monitor public tweets and pish cryptocurrency scams

Fraudsters use bots to monitor Tweets requesting support to MetaMask, TrustWallet, and…