The global cyber attack on Danish shipping giant Maersk may have caused more extensive internal damage than first thought. The attack led to the halting of Merck's hepatitis B vaccine production.
Although Merck is only one of the many companies that were involved in the international hacking scheme, the drug company stated that it is still unable to recover from the damage caused by the attack. Some were quick to suspect that Merck did not use the proper antivirus software to counter the attack.
On June 27, global headlines were buzzing about the second major global ransomware hacking attack in the past two months on large facilities and businesses around the world. The cyber attack originated in Ukraine but then quickly spread around the globe. Fortune reported the attack “…took down corporate networks at the Danish shipping company Maersk, American drugmaker Merck, Russian oil giant Rosneft, British ad agency WPP, and British law firm DLA Piper, among other places.”
The mainstream corporate media headlines stayed with the cyber attack story for several days, reporting on the progress companies were making and the hunt for the hack’s Ukrainian origins. During this time the reporting and investigation on Merck went cold. Few, if any, updates and no corporate media follow-up focused on Merck while companies like Maersk were still grabbing front page headlines as the shipping giant struggled to shake off the cyber attack.
Within 24 hours after the attack, the analysis from tech publications like The Verge began to report that the “Petya” virus was something worse than ransomware. Indeed, as the hours passed, many analysts, computer coders, and voices within cyberspace began to concur that Petya was not ransomware but a “wiper” virus specifically designed to lockdown computer systems and destroy data. On June 28, the day after the attack, Merck posted the following on Twitter:
“Our computer network was compromised on June 27 as part of a global cyber attack that affected other organizations worldwide. We immediately shut down our IT systems as a precautionary measure to help contain the problem and, where needed, moved to business continuity plans to ensure ongoing operations.”
On July 28 Merck released its second quarter earnings and was forced to disclose what many had suspected regarding their cyber attack. News outlets were now forced to admit that Merck did indeed suffer extensive internal damage. Reuters reports:
“The drug and vaccine maker previously announced it was a victim of the international hacking scheme, but hadn't disclosed the effect on manufacturing until it released second quarter earnings Friday. Merck is still working to restore manufacturing processes and doesn't know the full impact of the production issues yet.”
While most companies have recovered from their June 27 cyber attack, Merck is now publicly stating that it still does not yet understand the full magnitude of the impact as it is in the process of restoring manufacturing operations. Some claim that the deeper damage suffered by Merck was because of the company’s failure to install the proper antivirus software made available months before the attack occurred.
On July 21 the American Academy of Pediatrics (AAP) and the US Centers for Disease Control and Prevention (CDC) quietly broke news of a major vaccine shortage announced by Merck.
Image courtesy of: Zeeyolq Photography