According to BleepingComputer, leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today.

Pierre Fabre is the second largest pharmaceutical group in France and the second largest dermo-cosmetics laboratory globally. With over 10,000 worldwide, Pierre Fabre developers a wide variety of products ranging from chemotherapy drugs to skincare products.

Last week, Pierre Fabre announced that they had suffered a cyberattack on March 31st that they brought under control in less than 24 hours.

However, to contain the spread, Pierre Fabre states that they had to perform a gradual and temporary halt to most production activities.

“As a precaution, and in line with its risk management plan, the Group’s information system was immediately put into standby mode to curb the spread of the virus.”

 

REvil continues its run at large corporations in attempts to collect massive ransom payments. As organizations shy away from theses large requests, REvil is using tactics to coerce their victims into paying. By using outsourced call centers and emailing business partners or media outlets, they’re hoping the pressure they apply will make the victims pay up. This group is ruthless in their efforts to publicize the attacks they perform, but there are ways to defend against this type of malicious threat actor.

Even if your organization decides not to make a payment for your exfiltrated data to be deleted, the downtime can be even more costly. If your organization does not have the ability to be in communication with customers or clients, the foundation of trust built over the years can be dismantled with just one exposed vulnerability.

SpearTip’s team of certified engineers understand the threats these groups pose to enterprise business. That’s why we’ve built a security operations center and developed an endpoint detection and response tool, ShadowSpear® to mitigate threats and protect our partners. Our certified engineers are highly technical, stay up to date with the latest threat intelligence, and work 24/7 to ensure your organization doesn’t deal with the headaches caused by cyber attacks.