Fraud Management & Cybercrime , Ransomware

German Pharma Wholesaler AEP Targeted in Ransomware Attack

Firm Supplies More Than 6,000 Pharmacies
German Pharma Wholesaler AEP Targeted in Ransomware Attack
Image: Shutterstock

A ransomware attack on German pharmaceutical distributor AEP detected Monday has not led to medication shortages so far, report local media.

See Also: Protect Your Small & Mid-Sized Business From Cyberthreats This Holiday

AEP is a Bavarian pharmaceutical wholesaler that supplies more than 6,000 pharmacies throughout Germany. It disclosed Wednesday that hackers successfully encrypted some of its IT systems.

"We took immediate necessary and far-reaching protection measures," the company said. "We are working on solutions with the help of external experts for cyber incidents and IT forensics, immediately separated all external connections and shut down all IT systems affected."

The incident also impacted the company's communication systems, AEP said.

The firm did not identify the hackers behind the attack. It told the German pharma publication Apotheke Adhoc the incident did not result in any data loss. Bavaria cybercrime police are investigating, reported in 2023 the wholesaler stocks more than three million products and employs more than 200 individuals.

Attack on AEP is the latest case of wave of ransomware attacks against the healthcare sector globally. Ransomware actors attempt to monetize the medical emergencies created in attacks, which often result in medical staff being locked out from accessing vital patients records.

A February ransomware attack against U.S. medical billing middleman Change Healthcare disrupted pharmacies across the country (Groups Warn Health Sector of Change Healthcare Cyber Fallout).

Multinational pharmaceutical giant Cencora in an updated August breach notification told federal regulators that hackers stole personal and health information

Law enforcement agencies in recent months disrupted notorious ransomware groups such as LockBit and Alphv, but the ransomware-as-a-service model embraced by the criminal underground enables even novice actors to carry out sophisticated attacks, said Dan Lattimer, a vice president at Semperis, an Active Directory and recovery solutions firm

"As long as the Russian-based groups are provided a safe haven, it is not shocking to see the ransomware economy grow to $5 billion in the next few years, with healthcare organizations firmly in their sights," Lattimer said. "These organizations find themselves elevated in the hierarchy of industries that will be attacked simply because IT downtime significantly impacts human life."

Healthcare is a target for ransomware actors because the sector typically lacks security resources while running on outdated networks, said Jon Miller, CEO and co-founder of Halcyon, an anti-ransomware firm.

"Ransomware groups exploit this vulnerability with calculated cruelty - they know these attacks don't just halt business; they jeopardize lives," he said.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.