Octapharma Plasma Hack: Residents denied blood donations due to BlackSuit

Father

The closure of the plasma empire has jeopardized drug development.

Medical company Octapharma Plasma has faced a major problem in its IT infrastructure, which has led to the closure of more than 150 blood plasma collection centers in the United States.

A banner appeared on the company's website stating that all centers are closed due to network problems. A source familiar with the situation told The Register that the cause is a BlackSuit ransomware infection of the network.

[Image: Banner on the Octapharma Plasma website]

An outage at the American centers can seriously affect the supply of plasma to Octapharma's European divisions, since more than 75% of plasma comes from the United States. The source also noted the dismissive attitude of the company's IT department management toward security issues, which has now led to serious consequences.

Cybercriminals gained access to the company's VMware systems and then deployed the BlackSuit ransomware. The ransomware is a new strain linked to earlier versions of Royal and Conti, which were previously used to attack the health and public health sectors.

Octapharma Plasma promptly reported problems in its networks and launched an investigation with the help of external experts to assess the impact of the incident. The investigation is still ongoing, and the company promises to keep the public informed through social networks, the specialized OctaApp application and its website.

Octapharma Group, the parent company of Octapharma Plasma, which is headquartered in Germany, covers 118 countries and reported record sales of €3.266 billion in 2023.

The incident puts at risk not only the company's operations but also the health of patients who require life-saving procedures and medications, as well as the sensitive medical and financial data of customers and donors. If protected information is leaked, the company may face class-action lawsuits and investigations.

Security in the medical sector remains an acute issue, especially given the growing interest of criminal groups in this industry due to the high likelihood that ransoms will be paid.

In 2023, an analysis of the Linux version of BlackSuit revealed a significant similarity between the software and the Royal family of ransomware. Trend Micro, which investigated the malware version, said it found "an extremely high degree of similarity" between the two ransomware programs.

Initially, it was expected that the Royal hackers would completely rename their ransomware to BlackSuit after information about the new encryptor appeared in May 2023. But the "rebranding" never came. The group still actively uses Royal and uses BlackSuit only in a limited number of cases, for example in attacks on large businesses.
 