From a massive ransomware attack on the All India Institute of Medical Science (AIIMS) that crippled its centralised records and other hospital services last year to the latest Indian Council of Medical Research (ICMR) data leak that allegedly exposed the personal information of at least 815mn (million) Indians, hackers have always been one step ahead of cybersecurity agencies.
After AIIMS-Delhi became the victim of a hacking attack where Chinese involvement was suspected in November last year, another top hospital in the national capital, the Safdarjung Hospital, was also hit by a data breach in December.
However, the hacking attack on Safdarjung Hospital was not as severe as the one AIIMS-Delhi faced and the chances of data leak were less as a major part of the Hospital work ran on manual mode.
According to Safdarjung Hospital officials, the attack was not of a higher degree, but some sections of the Hospital server were impacted. The Hospital server was down for one day and was later rectified.
However, months after the cyber attack at AIIMS-Delhi, the government was yet to come up with a satisfactory answer about what happened to the patient data that was encrypted and may have been exfiltrated by the hackers.
Sensitive data of 40mn patients, including political leaders and other VIPs, was potentially compromised in the hacking.
As per sources, the AIIMS server was hacked by the Chinese. The government maintained that the services were restored and the patient data has been repopulated into the system, but the most important question is what happened to the compromised data? Did it make its way to the dark web?
The attack was analysed by the Indian Computer Emergency Response Team (CERT-In) and was found to have been caused by improper network segmentation.
According to Union minister of state for electronics and information technology, Rajeev Chandrasekhar, the attack was carried out by unknown threat actors.
"It is time to come up with specific legal provisions to deal with ransomware. In America, they have actually now made it an offence when somebody pays a ransom, because it is said to be aiding the cyber criminal," according to Pavan Duggal, the Founder and Chairman of the International Commission on Cyber Security Law.
"Across the world, countries are roughly in a similar kind of position that India is, except that the challenges for India are far too huge. Most of the cyber criminal activities are being targeted on Indians," he added.
In the latest ICMR breach that allegedly put the personal data of 815mn Indians on sale on the dark web, the government said there is “evidence of leakage and investigation is going on, but the data was not stolen."
Given the grave nature of the incident, the central bureau of investigation (CBI) was likely to probe the matter once ICMR files a complaint.
In September, cybersecurity researchers found that the official website of the ministry of AYUSH in Jharkhand had been breached, exposing over 320,000 patient records on the dark web.
According to the cybersecurity company CloudSEK, the website's database, amounting to 7.3MB, holds patient records that include PII and medical diagnoses. The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers.
The data breach was initiated by a threat actor named 'Tanaka'.
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
