Eisai Co Hit with Ransomware Attack

Eisai Co has been hit with a ransomware attack. Eisai is a pharmaceutical company headquartered in Tokyo, Japan. It has The Snatch ransomware gang has allegedly attacked EliTech. The pharmaceutical giant confirmed on June 6th that several of its group servers were hit with a ransomware attack. To the company's knowledge, no confidential material was leaked. The company cut off links with part of its domestic and overseas internal systems to limit the impact of the attack. Eisai is reportedly working with experts and police to restore their systems but has not confirmed whether the hackers have demanded a ransom.

Eli Tech and Potential Supply Chain Risks

Eli Tech, a molecular diagnostics company, has laboratories in more than 100 countries and employs over 650 people. The company specializes in in-vitro diagnostics and sells instruments and software to partners around the world, suggesting there may be a risk of future supply chain attacks. EliTech specializes in specific IVD technologies within these market segments: Molecular Diagnostics (MDx), Clinical Chemistry (CC) and Biomedical Systems (EBS), and Microbiology (EM).

Snatch Ransomware Gang's Tactics

While Snatch hasn't confirmed how much data it claims to have stolen, the ransomware gang has posted EliTech's details on its dark web leak site. EliTech has neither confirmed nor denied the attack. The Snatch ransomware gang, which first appeared in 2018, uses sophisticated AES encryption to prevent victims from accessing their information. The hackers use Windows registry keys to boot in safe mode. Snatch typically targets high-profile organizations and forces target systems to reboot in safe mode to disable antivirus software. Snatch typically demands between 1 and 5 bitcoins as ransom, and researchers have not yet found a way to decrypt stolen information. The ransomware gang initially targeted regular users with spam emails, but since 2019 has targeted entire organizations.