A study conducted by the regional cybersecurity think tank CyberPeace Foundation found that from January to November of this year, there were around 1.9 million attacks targeting the healthcare sector in India.
This is based on a simulation of a network of threat intelligence sensors for the healthcare industry performed by a research team made up of the CyberPeace Foundation (CPF), its academic partners under the CyberPeace Center of Excellence, and cybersecurity advisor Autobot Infosec.
The study was carried out in conjunction with CPF’s e-Kawach programme, which intends to deploy significant public network and advanced threat sensors across India in order to record online activity and evaluate real-time threats of cyberattacks.
The majority of the attacks, according to the CPF report, were directed at internet-facing systems that supported the Remote Desktop Protocol (RDP), had Server Message Block (SMB) and database services enabled, and were running outdated Windows server architectures.
Hackers had also attempted to gain access to private patient information, including medical images and diagnostic data, by exploiting the DICOM, MySQL, and MSSQL protocols. Brute-force and dictionary attacks, in which an attacker makes massive numbers of attempts to log into an account using different passwords, were also made on the FTP, MySQL, and MSSQL protocols. The threat intelligence sensor system also managed to intercept almost 1,500 malicious payloads from ransomware and Trojan malware that hackers attempted to introduce into the network.
A CPF representative claimed that because of the pandemic, hospitals and other healthcare facilities have become convenient targets for criminals. Additionally, they are more inclined to pay extortion demands to restore the functionality of their systems.
The cybersecurity group encouraged healthcare businesses to reduce unneeded data, improve their software patch levels and their backup and restore procedures, and audit their systems to make sure they are secure. It also instructed them to routinely carry out technical audits of the systems, networks, and other endpoints that were directly or indirectly linked to their healthcare infrastructure in order to look for security flaws. Finally, it advised that they organise a cyber-awareness campaign and train their workers in cybersecurity.
CPF has previously observed an upsurge in social engineering or phishing attempts against Indian healthcare companies. Examples include WhatsApp messages that appeared to be offers from Apollo Hospitals, one of the largest hospital chains in the nation, and contained links to what appeared to be a medical subsidy.
Recent ransomware victims include AIIMS Delhi, which has restored its compromised databases but is still having trouble restoring its digital services even two weeks after the hack.
In November, the Safdarjung Hospital in New Delhi likewise experienced a cyberattack, but it was able to quickly recover its system with no indication that any data had been compromised.