The discovery of a new and aggravating cybersecurity threat for pharmacies –

Sam Crowther, founder and CEO of cybersecurity firm Kasada, tells us about a recent discovery by his company that revealed tens of thousands of accounts with prescription drug attachments at major online pharmacies had been compromised .

During an analysis for a client of online accounts for sale, Kasada discovered a new illegal way bots are being used – to steal pharmacy client accounts and resell prescriptions on a secondary market for in-demand substances , such as Oxycodone.

“We are a security company that helps businesses resolve issues caused by bots on their websites or mobile apps. We help them solve the business problems that come to mind when someone can take a piece of code to scale their operation and make things financially viable,” says Crowther.

Crowther says this new method of using bots is “one of the boldest, most egregious, and most dangerous uses of bots” he has ever seen.

Unfortunately, many online pharmacies are susceptible to bot attacks simply due to outdated security measures and a lack of proper system monitoring.

Detection of fraudulent activities

A bot, in its simplest form, is a piece of code that performs an action that a human would perform, including logging into an account by entering a username and password.

Often, criminals use bots to grab illegally obtained login credentials, testing them on various websites to see if they work.

“The advantage for criminals and the disadvantage for defenders [anyone responsible for protecting an organisation from an attack] is it very scalable. It’s easy to run a piece of code thousands and thousands of times per minute and perform tens of thousands of actions, where a human can take weeks or days to do,” Crowther says.

According to Kasada, in April 2022, its threat intelligence observed the use of credential stuffing – the automated injection of stolen username and password pairs into a website’s login form – to attacking pharmacies, stealing active customer accounts and exploiting them for the distribution of prescribed drugs. .

“We were doing analysis, other work for a client when we came across the same group performing these actions against more than our clients. As we got deeper into what the group was doing, suddenly the pharmacy business popped up and it became very clear that their operation was quite widespread,” says Crowther.

The criminals gained access to users’ login information (credentials) somewhere online. Since many people use the same login credentials for multiple websites, criminals have started testing these credentials on other sites and then using them on vulnerable online pharmacies.

Once cybercriminals had gained access to a customer’s online pharmacy account, they sold the information or exploited the accounts to perform fraudulent transactions.

A criminal would log into an account, initiate a fill, select the pharmacy they wish to pick it up from, and then have someone pick it up for them who is not the intended customer.

“The [implications of these stolen accounts] are double. First, someone who shouldn’t be able to get their hands on these controlled substances can. So let’s say I want to buy Oxycodone, Adderall or any other prescription painkiller. I can buy one of these accounts and, without a prescription, without myself as Sam having a prescription, I can actually pick it up,” Crowther says.

Criminals gaining access to controlled substances by simply picking them up from pharmacies is incredibly problematic, especially given the massive and ongoing opioid crisis.

“On the other hand, it can actually hurt the person who is supposed to get the prescription because you can only get them filled so many times. So suddenly you can’t get the medicine you need and you have been prescribed by a doctor.In addition, you may look like a [drug] mule, or you can make it look like you’re selling it yourself illegally, which isn’t a good situation for the actual customer,” Crowther says.

The origin of the login credentials is unclear, but the result was that tens of thousands of accounts with prescription drug attachments at major online pharmacies were exploited.

Crowther did not name the brands that were compromised, but among them were the top 10 pharmacies in the world, he says. Brands that we can safely say most people use.

“We don’t name anyone by name. As a security professional, I feel terrible calling people because it can be very damaging. I prefer to do it behind closed doors,” Crowther says.

Nevertheless, he notes that there are ways to prevent these attacks before credentials are stolen, so that online pharmacies can protect their interests and the well-being of the customer.

Protecting a business and its customers

Kasada only recently discovered the criminal activity related to the above pharmacy, but there has been a substantial increase in stolen pharmacy accounts available for sale in the past 60 days alone.

“Criminals take advantage of the fact that a lot of these pharmacies have pretty old security solutions and don’t really invest a lot in [cybersecurity]says Crowther.

“Even in the last few months it has become very lucrative. Some of these groups make $40,000 or $50,000 a month just doing this, which is not a trivial amount of money,” Crowther says.

Once a criminal gains access to an account, he will sell that account according to the prescription attached to it.

“They’ll be like, ‘If you want an account with an Oxy prescription, it’s $75. If you want an account with Adderall, it’s $25. That’s where the money comes from for them,” Crowther says.

Strengthening cybersecurity and preventing bot attacks before they start are key to ensuring that drugs don’t end up in the wrong hands.

“A big piece here is the defense and anti-fraud side of things. Making sure the company has a good idea of ​​who the actual customer is when they log on and fill a prescription is very important,” says Crowther.

As online pharmacies become more prevalent and consumers’ use of Internet platforms increases, it is increasingly vital to use the cybersecurity options available to protect the interests of businesses and consumers and stay away legacy security systems.

“It’s definitely an implication of coming from an old school business where security requirements weren’t really high, and then moving into an online world where the requirements are very, very high. The jump was not made. That’s the problem,” Crowther says.

“The reality is that it’s a cost to do business and operate online. It’s expensive because you have to be safe. Otherwise, you end up in situations like this, where supposedly great customer service is now a real legal liability.

About the interviewee

Sam Crowther is the founder and CEO of Kasada, a cybersecurity company specializing in stopping bot attacks. He is an entrepreneur with a passion for cybersecurity. With funding from leading US and Australian investors, Sam launched Kasada in 2015 to provide an innovative web traffic integrity solution to businesses around the world. Based in New York and Sydney, his goal is to create simple technical solutions to complex problems. Sam is driven by challenging preconceptions and beliefs in order to have a positive impact on the world.

About the Author

Jessica HagenJessica Hagen is a freelance health and life science writer and project manager who has worked with XR medical companies, fiction/non-fiction writers, non-profit and for-profit organizations and entities. governmental.

About Armand Downs

Check Also

Week in Review: Insilico Signs Six AI-Drug Discovery Deal with Sanofi Worth Up to $1.2 Billion

jittawit.21 Offers and financing Insilico Medicine, a Hong Kong and New York-based AI drug discovery …