Ransomware Attack on Aarti Drugs Ltd.

Company Overview

Aarti Drugs Ltd., established in 1984, is a key player in the pharmaceutical manufacturing sector, focusing on Active Pharmaceutical Ingredients (APIs), Pharma Intermediates, Specialty Chemicals, and Formulations through its subsidiary, Pinnacle Life Science Private Limited. The company boasts 13 manufacturing facilities and a global presence in over 100 countries, generating revenue of slightly over ₹620 crore.

Vulnerabilities and Impact

In September 2022, Aarti Drugs Ltd. fell victim to a ransomware attack orchestrated by the BianLian ransomware group, which subsequently claimed responsibility and leaked confidential information on a dark web forum. The attack compromised a significant amount of business and administration data, including loan documents and tax filings. The attackers demanded a ransom of 20 BTC (approximately ₹15.8 lakh) for the decryption key. Despite this, around 6 GB of data was sold on the group's dark web site, encompassing financial scans, HR data, insurance details, workflow data, research data, and personal documents of employees.

Response and Mitigation

This incident underscores the critical need for enhanced cybersecurity measures within the pharmaceutical sector, especially against the backdrop of an uptick in ransomware attacks. It is imperative for companies to bolster their cyber resilience and invest in sophisticated infrastructure to safeguard against such threats.

Sources

• Aarti Drugs Ltd. Website
• "After Ipca Laboratories, pharma major Aarti Drugs hit by ransomware attack; data leaked on dark web" by CISO, Economic Times India
• "Ransomware Attack On Pharma Company Aarti Drugs" by The420.in
• "Aarti Drugs Ltd. and Ipca Laboratories Limited were hit by ransomware attacks on Sept. 9th and Sept. 10th respectively" by iValue Infosolutions Pvt. Ltd.
• "Ransomware Attacks: The State Of Play As Indian Firms Mount Defense" by Scrip