https://www.zdnet.com/article/drug-firm-bayer-targeted-by-cyberattack-threat-contained/

Exploit: Malware attack
Bayer Pharmaceuticals: German multinational pharmaceutical and life sciences company

Risk to Small Business: 2 = Severe: In a statement this past Thursday, Bayer revealed that infectious software was discovered on its systems back in early 2018. Before removing the malware in March, the company proceeded to “spy” on the hackers to identify the responsible party. Without any further details on their incident response methodology or further information on what Bayer means by “spy” ID Agent recommends always contacting an Incident Response Team if a compromise has been identified. Allowing an unknown third party to continue accessing data is generally inadvisable. The drug maker announced that there is no evidence of data theft, and they have traced the source of the hack to a group known as Winnti.

Individual Risk: 2.428 = Severe: No individuals are at risk

How it Could Affect Your Customers’ Business: The era of industrial espionage is here, and small businesses should be taking notice. Hackers are setting their sights towards technology and intellectual property, given its tremendous value and sometimes limited security. Phishing campaigns are the most frequent of all attack vectors, followed by infection via custom malware.

Designed to protect against human error, Bullphish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more from Enterprise Systems. More information here: https://www.idagent.com/bullphish-id