Ransomware strikes biotech firm researching possible COVID-19 treatments
As the COVID-19 pandemic was spreading through the U.S. last month, hackers struck a California-based biotechnology company which makes tools that researchers are using to learn about the coronavirus.
In a financial disclosure form filed to the U.S. Securities and Exchange Commission Wednesday, 10x Genomics Inc. said it experienced an attempted ransomware attack that also involved the theft of company data. The firm restored normal operations “with no material day-to-day impact,” and said it is working with law enforcement to investigate the breach.
The company currently is part of an international alliance that is sequencing cells from patients who have recovered from COVID-19 as part of an effort to understand possible treatments for the disease.
“It is particularly disappointing that we would be attacked at a time when our products are being used widely by researchers around the world to understand and fight COVID-19,” a 10x Genomics spokesperson said in a statement.
Exact details of the attack remain unclear, though it occurred some time in March, as the healthcare sector in the U.S. became gripped with the coronavirus, a novel sickness that has infected more than 216,000 U.S. residents as of press time. A March 13 tweet from the Israeli security firm Under the Breach reports that attackers using the REvil/Sodinokibi ransomware claimed to steal 1 terabyte from 10x Genomics. In an attempt to prove their legitimacy, the hackers posted a sample file containing company usernames, an employee database, internal password policies and domain information.
“This looks serious,” the Under the Breach account said at the time.
It’s the kind of hack that cybersecurity experts have warned about for years.
Hackers struck Hollywood Presbyterian hospital in 2016, demanding that administrators pay $17,000 to allow the medical center to restore normal operations. Since then, doctors have had to turn away patients after ransomware attacks against the U.K.’s National Health Service in 2017 and at health systems in Alabama last year, among other instances.
The urgent need for medical care amid the COVID-19 pandemic naturally has led to concerns that hackers would exploit hospitals’ software vulnerabilities at facilities already overwhelmed by patients in need. A team of cybersecurity practitioners have volunteered their service to the healthcare sector by sending alerts about evolving threats.
Bloomberg News first reported on the ransomware attack at 10x Genomics on Wednesday.
Update, April 2, 12:34pm ET: This story has been updated to include a statement from 10x Genomics.