
Devious ‘Tardigrade’ Malware Hits Biomanufacturing Facilities

Abstract:

The “Tardigrade” malware, named for its resilience and adaptability, has been plaguing companies in the biomanufacturing sector through multiple cases of cyber-espionage and attacks. Tardigrade functions as a trojan, with the ability to act as a keylogger, scrape stored passwords, generate backdoors, and send data out of the network. Its uniqueness lies in how it builds its ecosystem differently depending on the environment, communicates differently, and is able to function without communication with the control server. While typically spread through phishing attacks in which it is ironically disguised as a privacy tool, it has also been noted to spread through altered USBs and to move through infected networks. Interestingly, Tardigrade has mainly been used to deliver unrefined ransomware and “halfhearted ransom notes,” possibly indicating that it is being used as a distraction or cover for other nefarious activities. The breach of biomanufacturing companies endangers the confidentiality of important intellectual property, namely cutting-edge research into enzymes, drugs, and drug development processes.

Author:
Lily Hay Newman
Year:
2021
MIT Political Science
ECIR
GSS