Ransomware Attack Disrupts French Pharmaceutical Distribution
Ransomware Attack on Cerp Bretagne Nord: A Critical Disruption in Pharmaceutical Distribution
Cerp Bretagne Nord, a key player in the pharmaceutical distribution sector in France, has recently fallen victim to a ransomware attack orchestrated by the notorious group Hunters International. This attack has not only compromised the cooperative's data but also disrupted its essential services, impacting pharmacies across multiple French regions.
About Cerp Bretagne Nord
Based in Saint-Brieuc, Brittany, Cerp Bretagne Nord is a prominent pharmaceutical distribution cooperative. With approximately 1,293 employees and an annual revenue of around $1.2 billion, the cooperative plays a significant role in the regional healthcare sector. It specializes in the distribution of pharmaceutical products and medical equipment, ensuring timely delivery to local pharmacies. The cooperative's efficient logistics system and community-oriented approach make it a standout in the industry.
Attack Overview
The ransomware attack, discovered on November 4, resulted in the exfiltration of approximately 2.1 TB of data, equating to over a million files. This breach has severely impacted Cerp Bretagne Nord's online ordering system, which is crucial for pharmacies in regions such as Bretagne, Centre-Val de Loire, Pays de la Loire, and Nouvelle-Aquitaine. The attackers have set a ransom deadline, threatening further disruption to the distribution of pharmaceutical products, which could affect patient access to medications.
Hunters International: The Ransomware Group
Emerging in October 2023, Hunters International is a Ransomware-as-a-Service (RaaS) group known for its sophisticated attacks. Utilizing code from the defunct Hive ransomware, the group employs double extortion tactics, combining data encryption with data theft. Their malware, developed in Rust, allows for cross-platform targeting, making them a formidable threat to enterprises. The group is adept at bypassing advanced security measures, as demonstrated in previous attacks.
Potential Vulnerabilities
Cerp Bretagne Nord's reliance on digital systems for its logistics and ordering processes may have made it vulnerable to such an attack. The healthcare sector, with its critical infrastructure and sensitive data, is a frequent target for ransomware groups like Hunters International. The cooperative's disruption highlights the need for enhanced cybersecurity measures to protect against sophisticated threat actors.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!