Ransomware attacks on pharmaceutical giants: Crinetics Pharmaceuticals under scrutiny by cybercriminals


Pharmaceutical Company Crinetics Pharmaceuticals Under Scrutiny After Ransomware Attack

Pharmaceutical company Crinetics Pharmaceuticals, listed on the Nasdaq stock exchange, has come under the spotlight following a cyber incident reported by the ransomware group LockBit. The company specializes in developing innovative therapies for endocrinological diseases.

Discovery of Suspicious Activity and Company’s Response

Upon discovering suspicious activity on one of the employee accounts, Crinetics Pharmaceuticals immediately blocked access and initiated the cyber incident response process. The company engaged external experts and informed the appropriate law enforcement authorities about the incident.

LockBit Demands Ransom

The LockBit group demanded a ransom of $4 million from Crinetics Pharmaceuticals, setting a deadline for March 23. However, the company decided not to respond to the ransomware demands, causing operational difficulties for the cybercriminal group.

Threat to Other Pharmaceutical Companies

The alleged leader of the LockBit group, known as LockBitSupp, has announced plans to continue attacks, aiming to target a million companies worldwide. LockBit is known for targeting international pharmaceutical companies, with several corporations having fallen victim to this ransomware previously.

Arrests Related to the LockBit Group

According to data provided by Recorded Future, LockBit has carried out nearly 2300 attacks, with the US Department of Justice stating that the group has extorted over $120 million in ransom. Several individuals associated with the group have been arrested in Ukraine and Poland, with further arrests planned in connection with cybercriminal activities.

Crinetics Pharmaceuticals and other pharmaceutical companies remain vigilant in the face of the growing threat of ransomware attacks, striving to effectively protect their data and systems from cybercrime. The increase in cyber incidents demands continuous innovation and investment in security to minimize the risk of data loss and malicious software activities.