Nearly 1.9 million cyberattacks targeting the healthcare industry in India were recorded between January and November this year, according to research led by local cybersecurity consultancy CyberPeace Foundation.
This is based on a healthcare-based threat intelligence sensor network simulation by a research team that includes CPF, CyberPeace Center of Excellence CPF academic partners, and security consultant. Autobot Infosec network.
The research was conducted as part of CPF’s e-Kawach program, which aims to deploy comprehensive public network and threat intelligence sensors across India to capture internet traffic and analyze Real-time analysis of cyberthreats.
RESULT
According to the CPF report, most of the attacks target systems accessing the internet using remote desktop protocol, those systems have database services and server message blocks enabled as well. like systems running on the old Windows server platform.
Hackers have also attempted to exploit the DICOM/MYSQL/MSSQL protocols to access sensitive patient data such as medical images and diagnostic information. Mass brute force and dictionary attacks – attempting to log into accounts with different passwords – are also performed on FTP, MYSQL, and MSSQL protocols.
In addition, the threat intelligence sensor network also captured around 1,500 malicious payloads from Trojan viruses and ransomware that hackers attempted to introduce into the network.
WHY IT IMPORTANT
A CPF spokesperson said hospitals and medical facilities have become easy targets for bad actors because they are under great pressure due to the pandemic. They are also “more likely to pay a ransom to reboot their system”.
The cybersecurity group advises healthcare businesses to ensure that their systems are secure by reducing unnecessary data, improving software patchability, and backing up and restoring processes as well as the test system.
It also requires them to conduct periodic technical checks of healthcare infrastructure devices, networks, and any other endpoints connected directly or indirectly to it for security vulnerabilities. secret. In addition, it is recommended to organize a round to raise cyber awareness and develop cybersecurity skills for their employees.
TREND TO BIGGER
Previously, the CPF had noted an increase in phishing or social engineering attacks targeting Indian healthcare businesses.
For example, WhatsApp messages that appeared to be an offer from Apollo Hospital – one of the largest hospital chains in the country – appeared on the app with links to a supposed medical grant. to be.
AIIMS Delhi recently been the victim of a ransomware attack; while it recovered the corrupted database, it is still struggling to get its digital services back online nearly two weeks after the hack.
Safdarjung Hospital in New Delhi also suffered a cyber attack in November but the hospital was able to immediately restore its systems with no reports of compromised data.
