New Delhi: The healthcare industry in India has faced 1.9 million cyberattacks this year till November 28, as per data published on Thursday by cybersecurity think tank CyberPeace Foundation and Autobot Infosec Private Ltd. The attacks came from a total of 41,181 unique IP addresses, which were traced back to Vietnam, Pakistan, and China.
Last week, India’s top government-run hospital All India Institute of Medical Sciences (AIIMS) New Delhi, was hit by a massive cyberattack, forcing it to shut down many of its servers and switch to manual operations. AIIMS, which had earlier announced plans to digitize all services by April 2023, refuted claims that hackers asked for a ransom of ₹200 core.
The data on threats released by CyberPeace Foundation was generated through its e-Kawach programme, which uses threat intelligence sensors to capture internet traffic and analyse real-time cyberattacks faced by organizations. It can also tell which location has seen how many attacks.
“By deploying the simulated network, we can collect data on attack patterns, the different types of attack vectors for the different protocols, and the recent trends of malicious activity,” said Vineet Kumar, founder, and president of CyberPeace Foundation.
The report also shows that the attackers mostly targeted vulnerable internet-facing systems including remote desktop protocol (RDP), vulnerable server message blocks (SMB) and database services, and old Windows server platforms. RDP attacks have increased especially after the pandemic-led shift to remote and hybrid work. RDP allows users to access their office computer or network using another computer remotely.
The attackers also used brute force and dictionary attacks to exploit file transfer protocol (FTP), digital imaging and communications in medicine (DICOM), MYSQL (database management system), and steal sensitive patient data such as medical images and diagnostic databases. DICOM is a commonly used protocol by healthcare companies to manage and share medical images and other data.
The objective behind most of the attacks was to inject a malicious payload into the network of the healthcare company and trigger ransomware attacks. The sensors found 1527 unique payloads used for trojan and ransomware, the report shows.
Cyberattacks on healthcare have grown across the world as more hospitals and healthcare services providers are moving their operations and databases online. According to cybersecurity firm CheckPoint Research, healthcare suffered the highest number of ransomware attacks globally during the September quarter of 2022.
Download The Mint News App to get Daily Market Updates & Live Business News.
More
Less
