In a bizarre turn of events, one of the most prestigious medical and educational institutions in the country, AIIMS Delhi, came under a cyber attack in November 2022. The incident crippled the institution for more than seven days, and their everyday work routine, which includes online billing, registrations, and appointments, among many others, was halted. Such incidents are not uncommon in the Indian scenario; according to CloudSEK, the Indian healthcare system ranks second on the global scale of cyberattacks, with a total of 7.7% in 2021. Read on to find out more about why hackers target the healthcare industry and how such incidents can be minimized in the future.
What Is A Cyber Attack?
The act of gaining unauthorized access for the purpose of damaging, altering, or stealing data from a computer, computing system, or computer network can be termed a “cyberattack.” This act can be carried out from anywhere by a single individual or a group of individuals, and they are often referred to as threat actors, hackers, or bad actors.
Why Do Hackers Target Healthcare Systems Frequently?
There are multiple reasons why the healthcare industry has become a target for hackers.
Information Pool: Technological advancements have made data one of the most valuable commodities in this market. And hospitals are sitting on a pool of personal data of patients ranging from their medical records to credit card numbers. Hackers can use this information to blackmail patients, sell it on the black market, or use it for fraudulent purposes.
Multiple Easy Access Points: Medical care has been revamped with the implementation of technology. Equipment and devices like dialysis machines, digital pacemakers, or automatic drug dispensers have been installed and are controlled by a network of systems. Now, these devices do not contain any data, but with a cyber-attack, hackers can get control of the network system that controls them and prevent healthcare institutions from providing life-saving treatment or, even worse, manipulate the devices to wreak havoc.
Accessing Data Remotely: To provide top-of-the-line treatment, working in collaboration is vital in the healthcare industry. Now an individual accessing information can use a new device and may not be sitting at the information desk. This creates loopholes as the new device may or may not be secured and becomes an easy target for cyberattacks.
Use Of Outdated Technology: Healthcare facilities do not use high-end software for their daily activities. The outdated technology that they have does the job without a hitch but is extremely vulnerable to cyberattacks. Also, with the implementation of new technology, they do not want to disrupt their daily routine.
Limited Training: Considered to be one of the busiest job roles, healthcare professionals serve long hours with tight deadlines. They are neither equipped nor trained in the fundamentals of cyber security and the methods for detecting and mitigating cyber-attacks.
AIIMS Cyber Attack
On November 23, 2022, a server failure occurred at AIIMS Delhi, and healthcare professionals were forced to carry out their daily tasks manually. What the healthcare officials thought to be a glitch turned out to be a cyber-attack that shook the entire nation. Two system analysts were suspended by the hospital authorities, and on November 25, Intelligence Fusion and Strategic Operations (IFSO), a unit of the Delhi Police, registered an extortion and cyber terrorism case.
Medical institutions contain the private information of a massive number of patients, and data theft is probably at the heart of this heinous crime. The Prime Minister and the Home Minister, who were vaccinated and treated during the times of COVID, were also admitted to AIIMS and such a cyber-attack questions the national security of the nation. The claim of the local news agencies that the hackers demanded Rs. 200 crores in cryptocurrency were rubbished by the police authorities, but they have reported that a significant amount of data has been lost, which cannot be recovered soon. Statements from AIIMS suggest that the sanitization of its servers and computers is in full swing, and they have decided to roll out the online services in a phased manner. In the meantime, to get four new servers, AIIMS has asked for the help of the Defense Research and Development Organization (DRDO).
How Can The Healthcare Industry Minimize Cyber Attacks?
The incident that occurred at AIIMS and handicapped the most prestigious institution could have been tackled if they had been prepared for such threats. Some of the ways that should be implemented in the healthcare industry include the following:
Cybersecurity Training: A mandatory cyber security training session must be incorporated by healthcare institutions for their employees to mitigate the risk of cyber threats.
Restoration And Backup: The massive amount of data that AIIMS has lost could have been avoided if they had offline storage for a seamless backup. With the restoration technique, they could have easily retrieved the lost data.
Multi-Factor Authentication (MFA): In MFA, two or more verification steps are required to access the desired data. Enabling MFA, along with the use of strong passwords, has been shown to reduce the risk of cyberattacks.
Update And Validate: Using updated technology and consulting with cyber security firms to provide the best solution must be the top priority. Running risk assessment tests to check and validate the conditions of network security and role-based access control must be incorporated to minimize cyber threat penetration.
The motive is yet to be known for this cyber attack, but the Delhi Police, along with the National Investigation Agency (NIA), the India Computer Emergency Response Team (CERT-IN), the Intelligence Bureau, the Central Bureau of Investigation (CBI), and the Ministry of Home Affairs, are already looking into the AIIMS situation. After this incident, hopefully, healthcare industries will take the necessary steps required for data protection.