Is the Indian healthcare sector safe from cyberattacks?

In 2019, a malware named ‘fallensky519’ intruded into a leading Indian healthcare website and stole 68 lakh records containing patient information, personally identifiable information (PII), doctor information, and other credentials. Again in February 2020, a German security firm named Greenbone Networks found that nearly one million medical files and 107 million related medical images of Indian patients, including X-rays and scans, were freely accessible on the internet. The leaked records and images include details of patient name, date of birth and ID, name of the medical institution, ailment, physician names, and other such sensitive details. It was also identified that medical data has been siphoned off from two reputed hospitals in Mumbai.

This is just the tip of the iceberg. There are numerous cases of cyberattacks that go unreported in India; the aspect of cybersecurity in Indian healthcare is usually overlooked.  According to Kaspersky, nearly 45% of the machines in the Indian pharmaceutical organizations, i.e, more than four out of ten machines have been detected with malicious attempts. Cyberattacks in the Indian healthcare sector are not new and its reliance on technology and digitalization has made the healthcare sector more vulnerable to cyberthreats and ransom attacks. The outbreak of Coronavirus has created new avenues of cybercrimes. A recent study by PricewaterhouseCoopers says that the number of cyberattacks on Indian companies has doubled since the outbreak of the pandemic. The consequences of a cyberattack can be catastrophic and even life-threatening — their intrusion into the system might lead to alteration of drug doses, prescriptions, patient appointment timings, and the blood group information of patients, causing improper treatments. While the Indian healthcare sector is working tirelessly round the clock to contain the deadly contagion, whether it can dodge a cyberattack is still a question.

Even globally, healthcare as a sector has been a prime target of cyberattacks for quite some time now and the coronavirus pandemic is only fuelling it further. In fact, the International Criminal Police Organization (INTERPOL), has recently issued a ‘purple alert’ to all its 194 member countries, including India, warning of possible cyberattacks on hospitals and other healthcare institutions.

Cyberattacks on telemedicine portals

Healthcare professionals who are in the frontline battling COVID-19 have the highest probability of getting infected. Hence, the adoption of telemedicine can help minimize the risk by reducing personal interactions and provide quality virtual care in remote parts of the country. The health ministry is encouraging people to take advantage of telemedicine services during the lockdown. According to an e-health service provider, Practo, 5 crore Indians accessed healthcare online in the past 3 months of lockdown and saw an increase of 500%. 44% of the telemedicine users belonged to non-metro cities. Unfortunately though, along with the comprehensive and valuable insights that telemedicine brings onto the table, it also paves the way for cyberattacks. The dashboards of the telemedicine platforms contain detailed records of patient and doctor profiles that can be hacked, thereby gaining access to sensitive information such as electronic protected health information (ePHI), personally identifiable information (PII), and financial data of patients for ransom.

This scooping of information results in committing fraud, identity theft, and/or credit card scams.

Ever heard of medjacking?

Medjacking a word formed out of Medical and hacking.  Medical devices play a crucial role in improving screening, diagnosis, and treatment of disease but the same can be detrimental to an individual’s life if hacked. In 2017, FDA recalled 465,000 pacemakers on detecting some security vulnerabilities. Medical devices such as MRI, ventilators, and defibrillator machines don’t usually come with built-in security systems and become the prime targets for hackers; they can be made to display faulty results or give extra jolts of electric shocks, causing incorrect diagnosis and even putting a patient’s life in jeopardy. This also maligns the reputation of the equipment manufacturer.

Attacks on Healthcare institutions

Hackers benefit from the medical database of healthcare institutions which consists of information related to patients’ condition, billing, and insurance. Information gathered from hospitals and diagnostic centers holds high value in the black market and is used for ransom. Vital information stored on the cloud without proper encryption is easy prey. Hackers can often shut down individual’s devices and servers

The Indian healthcare industry is growing at an unprecedented rate. The Indian Pharmaceutical Congress has projected that the healthcare industry size would be at $55 billion by 2020, thus making India the sixth largest market globally. Hence, it is important to think about cybersecuring the patient files, prescription records, diagnostic data, insurance records, and billing details.

It is unfortunate and indeed paints a sad picture that humankind has touched new lows where cybercriminals are taking advantage of a global pandemic by causing data breaches of ailing patients and infecting medical devices while they are under intense pressure. This erodes trust. However, it is only imperative, now more than ever, that healthcare organizations approach cybersecurity with enhanced rigor as they continue to sever the far-reaching tentacles of COVID-19.

About Author: Shomiron Dasgupta, Founder and CEO, DNIF NextGen SIEM Platform. Shomiron founded DNIF in 2016 with a vision to create a company that delivers high-quality attack detection products and services to its customers. The company has established partners in 14 countries across industries such as healthcare, insurance, transportation, banking, and media. Shomiron is an eminent speaker at many industry events. The events and venues that have hosted him include TedX, DSCI (the Data Security Council of India) and SACON (the Security Architecture Conference).

*Views expressed by the author are his own and BioVoice may not necessarily subscribe to them.