INDIA — According to a study led by the local cybersecurity think tank CyberPeace Foundation, nearly 1.9 million cyberattacks on the healthcare industry in India were recorded between January and November of this year.

This is based on a simulation of a healthcare-based threat intelligence sensor network conducted by a research team comprising CPF, its academic partners in the CyberPeace Center of Excellence, and cybersecurity consultant Autobot Infosec.

The attacks came from a total of 41,181 unique IP addresses, which were traced back to Vietnam, Pakistan, and China.

The study was conducted as part of the CPF’s e-Kawach program, which aims to deploy comprehensive public network and threat intelligence sensors across India in order to capture internet traffic and analyze real-time cyberattack threats.

According to the CPF report, the majority of the attacks targeted internet-facing systems running Remote Desktop Protocol (RDP), Server Message Block (SMB), and database services, as well as old Windows server platforms.

Hackers had also attempted to gain access to sensitive patient data such as medical images and diagnostic information by exploiting DICOM/MySQL/MSSQL protocols. Massive brute-force and dictionary attacks, which attempt to log in to an account using various passwords, were also carried out on the FTP, MySQL, and MSSQL protocols.

Furthermore, the threat intelligence sensor network intercepted approximately 1,500 malicious payloads from Trojan viruses and ransomware that hackers attempted to inject into the network.

A spokesperson from CPF said hospitals and health facilities have become easy targets for malicious actors because they have been under immense strain due to the pandemic. They are also “more likely to pay a ransom to get their systems up and running again.”

The cybersecurity group advised healthcare organizations to secure their systems by reducing unnecessary data, improving software patch levels, maintaining backup and restore procedures, and auditing systems.

It also instructed them to conduct regular technical audits of their healthcare infrastructure devices, networks, and any other endpoints directly or indirectly connected to them in order to detect security vulnerabilities.

Furthermore, the report suggested that they hold a cyber awareness drive and develop their staff’s cybersecurity skills.

CPF previously reported an increase in phishing or social engineering attacks on Indian healthcare businesses.

For example, WhatsApp messages purporting to be from Apollo Hospitals, one of the country’s largest hospital chains, have been making the rounds on the app, with links to a purported medical subsidy.

India’s top government-run hospital, the All India Institute of Medical Sciences (AIIMS) New Delhi, was recently the victim of a ransomware attack; while it has restored its corrupted databases, it is still struggling to restore its digital services nearly two weeks after the hack.

In November, Safdarjung Hospital in New Delhi was also targeted by a cyberattack, but it was able to immediately restore its system with no reports of compromised data.

At the beginning of this month, French Health Ministry authorities were forced to shut down operations and transfer critically ill patients following a cyberattack on a hospital outside Paris.

Cyberattacks on healthcare have grown across the world as more hospitals and healthcare service providers move their operations and databases online.

According to cybersecurity firm Check Point Research, healthcare suffered the highest number of ransomware attacks globally during the September quarter of 2022.
