Our healthcare providers keep us up and running, but are hospitals themselves safe in the age of cybercrimes?
The healthcare sector is facing a barrage of cyberattacks nationally and internationally. All India Institute of Medical Sciences (AIIMS), India’s largest network of government-run hospitals, was recently hacked. Indian authorities are now on high alert against targeted cyberattacks.
A detailed insight into how the AIIMS and the following ICMR cyberattack occurred will highlight the vulnerabilities in India’s healthcare IT systems.
Table of Contents
How Was AIIMS Hacked?
It started on November 23, 2022. The National Informatics Center (NIC) team at AIIMS informed hospital administrators that the servers were down due to a possible Ransomware attack. All hospital services including outpatient/inpatient and laboratory services, were carried out manually for the following week.
While the hospital spokesperson refused to officially comment on the ransom demand, The Hindu reported that hackers demanded an estimated ₹200 crore in cryptocurrency.
The AIIMS cyberattack lasted for ten days and compromised millions of patients’ confidential records. The victims of leaked records included various VIPs and prominent political leaders. According to concerned officials, AIIMS has not upgraded its systems in the last thirty years. The hospital worked on out-of-date equipment and software and an antiquated Windows version.
As a state-operated hospital, the AIIMS cyberattack received immediate attention. The central Government deputed experts from several national agencies to investigate the attack. The National Investigation Agency (NIA), Defense Research and Development Organization (DRDO), India Computer Emergency Response Team, Intelligence Bureau (IB), Central Bureau of Investigation (CBI), and ministry of home affairs are involved in resolving the AIIMS hack.
But who’s going to help smaller, privately run healthcare institutions?
Before we discuss security measures for smaller hospitals, let’s explore another significant cyberattack that rocked India’s healthcare infrastructure.
What Happened During the ICMR Cyberattack?
Mere days after the AIIMS Ransomware attack, the Indian Council of Medical Research (ICMR) faced a massive hacking attempt. As per NDTV sources, over six thousand brute force attacks were made on the country’s leading medical body. The ICMR hacking attempt was allegedly carried out with IP addresses originating from Hong Kong.
But were the hackers successful in breaching the ICMR website? No. That’s solely because ICMR’s IT infrastructure was secured by an updated firewall and enhanced security measures.
Suggested reading: The Essential Network Security Checklist
While ICMR faced minimal operational issues due to the cyberattack, the AIIMS Delhi servers were down for over ten days. The contrasting cases of AIIMS and ICMR highlight the importance of updated network security measures and a robust cybersecurity posture.
Role Of Cybersecurity Within the Ayushman Bharat Digital Mission
The Government has been pushing hospitals across India to transition to online and paperless operations under the Ayushman Bharat Digital Mission. The AIIMS cyberattack has highlighted security concerns for smaller hospitals with limited budgets in light of the changing technical landscape.
According to the recently launched mission, the health records of every person will be linked to a unique account number. The aim is to enable paperless records and smooth patient transition from one hospital to another.
While this scheme has enormous benefits regarding ease of administration, the cybersecurity risks for hospitals are massive. Each hospital that registers for the Ayushman Bharat Digital Mission will store its primary patient information, including prescriptions, diagnostic reports, and treatment details, on its server or a cloud-based option.
The risk of data breaches will greatly enhance when all hospitals start digitalizing their records.
Digitalization is planned in a decentralized manner, where all hospitals, clinics, and private practitioners will be responsible for securing patient data at their own expense.
To be brief, hospitals and healthcare clinics of all sizes need to prioritize the implementation of a robust cybersecurity posture when moving operations to the cloud.
Is the Healthcare Sector’s Future Cyber-Secure?
According to research by CloudSEK, cyberattacks on the healthcare industry shot up by 95% compared to next year. The recent Medibank cyberattack shook Australian authorities and highlighted the risks associated with healthcare data breaches.
Unfortunately, Indian hospitals are much more vulnerable than their global healthcare counterparts. That’s because of several factors:
- Comparatively lower levels of cybersecurity awareness
- Poor IT-hygiene practices
- Measly IT and security budgets
- Easy target for hostile foreign actors
Suggested reading: How Important is EDR for the Healthcare Sector?
While the situation may seem bleak in light of the recent attacks, all’s not lost. The AIIMS cyberattack should be seen as a wake-up call for hospitals across the country. AIIMS is now in the post-recovery stage and is fortifying itself against further attacks. Hindustan Times reports that AIIMS officials are considering “the creation of a full-fledged cyber-security division at AIIMS. They will use hierarchical computer architecture with built-in redundancies instead of the current flat computer architecture.”
AIIMS, New Delhi, is India’s most prominent hospital. Therefore, it will surely recover from the attack and create an efficient security posture. They are getting the necessary help from all divisions of the government. But when other regional or smaller hospitals face cyberattacks, they might not receive the same degree of support.
So, what can healthcare practitioners do to ensure their data, systems, and assets are protected against targeted cyberattacks?
Managed Security Services – The Way to Combat Emerging Cyberattacks
The answer to the above question is simple: healthcare sector institutions must partner with a managed security service provider (MSSP). The most prominent benefit of partnering with an MSSP is the world-class cybersecurity expertise that you get. Organizations and institutions that lack internal cybersecurity skills stand to gain a lot from external security experts.
An MSSP like Ace Managed Security Services provides multi-layered protection with real-time security monitoring, analysis, and threat response. A 24x7x365 Security Operations Center ensures your network is ready to defend against emerging attacks at any time of the day or night.
With Ace experts as security partners, healthcare institutions can build a multi-layered security environment with accelerated attack response and actionable threat intelligence.