Eisai Ransomware Attack – Cybercriminals Strike the Pharmaceutical Sector

When it comes to ransomware attacks, the bigger the company is, the more beneficial the outcome will be. Cybercriminals have been targeting huge names worldwide, encrypting their data, and harvesting financial assets in exchange for decryption. Unfortunately, these attack strains don’t seem to be slowing down, as another incident occurred with none other than Pharmaceutical giant – Eisai.

The Tokyo-based pharmaceutical company recently disclosed the breach, stating that attackers have managed to infiltrate its systems and encrypt some of its servers. This forced the company to shut down most of its IT systems to contain the damage and prevent it from spreading.

With a revenue of over 5.3 billion dollars, it’s quite obvious how grand this scheme is. But still, we have to ask: How did the threat actors infiltrate one of the biggest companies in Tokyo? What data was compromised? Did they ask for a ransom? Find out in the following article.

Eisai Ransomware Attack – A Chronic Cyber Disease

Cybercriminals are literally everywhere, developing new techniques to target their victims. It doesn’t matter what sector falls victim as long as they benefit from it. The malicious groups behind the attacks vary, but the results are the same – complete chaos.

Cybersecurity firms can track such campaigns and, sometimes, even stop them. For example, Avast came up with a much-needed decryptor for the Hades ransomware that has been terrorizing companies all over the world.

These firms are trying their best to limit the number of ransomware families. However, as much as they try, there’s always a new attacker at the scene. As we mentioned, it doesn’t matter what sector they might target, but the Pharmaceutical department has had its fair share of attacks.

Even the Almighty AstraZeneca had once fallen victim to an attack that exposed critical information. Now, the latest attack involves none other than Tokyo-based pharmaceutical company Eisai.

What Happened?

Eisai is a well-known facility that develops and produces medication for cancer and the treatment of chemotherapy side effects. Not only that, but it also produces solutions for seizures, neuropathy, and dementia.

The company confirmed the ransomware attack and that some of its servers were encrypted by the threat actors:

“A ransomware incident that encrypted some of Eisai Group’s servers was detected late at night on Saturday, June 3, Japan time. We immediately implemented our incident response plan and launched an investigation with the aid of our cybersecurity partners [and] a company-wide task force was convened to rapidly work on response procedures.”

When the company figured out everything about the attack, it limited access to its services. Logistic systems in different countries around the world were taken offline. Yes, around the world as Eisai operates medical units outside of Japan, specifically in the United Kingdom, North Carolina, and Massachusetts.

Certain systems both in and outside of Japan, including logistics systems, have been taken offline as a result of the incident and our ongoing response process. Our corporate websites and email systems are operational at this time. The possibility of data leakage is currently under investigation.

No threat actor group has claimed the attack yet. Back in 2021, when Eisai got breached for the first time, the now-defunct ransomware group AtomSilo took responsibility for the attack.

There’s a lot of missing information till now. We don’t know who’s behind it or whether the company paid a ransom or not. We’ll have to wait for additional details about the attack when the company discloses them.

The Pharmaceutical District is Under Attack

With an annual revenue of $5.3 billion and over 10,000 employees, it’s no shock that Eisai has become a priority target for cybercriminals. Such big names around the world will always be targeted, it’s a matter of how they can fend the attacks off.

The attackers deployed encryptors and the company’s IT teams seemed to be understaffed and unable to respond effectively to the situation. Also, Eisai is working alongside security firms to investigate further into the incident. We’ll update you guys once we get more information.