Dr.Reddy’s cyber-attack brings to fore importance of tighter digital security



In a major data breach, drugmaker Dr. Reddy’s Laboratories has temporarily shut down production across its key plants.

This comes just days after the company received approval from DCGI to conduct phase 2 and 3 trials for a reworked protocol of a COVID-19 vaccine that sought some additional information.

This only comes as a reminder to have sold digital infrastructure and tight cybersecurity control measures.

According to a report by HSBC, damage control and restoration of operations is crucial. It said Dr. Reddy’s is a front runner among peers in terms of investing for digital transformation initiatives as well as for new-age cyber securities technologies.

“Thus, the cyberattack came as a sharp reminder to strengthen its digital infrastructure and tighten cybersecurity control measures. While it expects no major operational impact, a quick update on damage control and restoration of operations will in our view be crucial to validate the resilience of its systems,” the report added.

The company is currently reviewing its IT network systems, and trying to find out how the breach took place, sources said.

“In the wake of a detected cyber-attack, we have isolated all data center services to take required preventive actions. We are anticipating all services to be up within 24 hours and we do not foresee any major impact on our operations due to this incident,” said Mukesh Rathi, CIO, Dr. Reddy’s Labs.

Dr. Reddy has 17 manufacturing units and six research and development (R&D) facilities in India, and in overseas it has six manufacturing units overseas and three R&D centers.

The company experienced data breaches in servers in the UK, the US, India, Brazil and Russia. Afterward, the company released a statement that said that in the wake of a detected cyberattack, it had isolated all data center services to implement preventative measures.

Dr. Reddy’s anticipates all services to be up within 24 hours and does not expect any major impact on operations due to the cyberattack.

When the world is in a sharp transition to the digital way to life and business, attacks like this is a serious concern and highlighter to bring in more solid infrastructure. It is simply too much for companies who depend on the privacy of their innovations and methods to be compromised.

For example, Merck faced a major cyberattack in June 2017 that led to the disruption of its worldwide operations and sales losses of $260 million due to the nonfulfillment of orders, and it incurred incremental costs (incl. remediation costs) of $285 million in 2017.

“The risk of cyberattacks on the pharma industry is further amplified by remote working during the COVID-19 pandemic. Thus, pharma manufacturers (incl. DRRD) need to invest further and strengthen cybersecurity systems to avoid or minimize operational disruptions, high costs of control, and to contain damages and any potential lawsuits or regulatory penalties,” the report said.