Sectrio

Healthcare

Understanding the significance of the latest “cyberattack” on AIIMS

Deciphering the latest attack on AIIMS    

In the latest edition of our threat landscape report, Sectrio’s threat researchers carried out a comprehensive analysis of the Indian cyber threat landscape, the actors, tactics, malware, and enablers. The report also highlighted the alarming levels of sophistication and maturity demonstrated by state-backed hackers that are targeting Indian critical infrastructure, businesses, and financial services infrastructure. The findings of the report paint a realistic picture of how fast things are changing in cyberspace vis-à-vis threats, breach tactics, and targets.

In this piece, we will look at how and why some of the institutions in India are being repeatedly stalked and targeted in cyberspace. We recommend that this article be read in conjunction with the threat report for you to gain a complete understanding and context of the data presented here.

As per the data trail left by hackers, Indian cyberspace has been extensively targeted since 2011. In that year, there were a couple of significant events recorded here that were unprecedented in magnitude and portended the scale of events to come. Since 2011, threat actors have expanded their presence in the country while scaling up their operations to cover more sectors and profiles of persons of interest. In addition to critical infrastructure, several of the procurement and production cycles of many vendors connected with defense supply chains, high-end manufacturing, and government agencies are also being targeted.

The AIIMS attack is certainly not an isolated one. Here are a few significant cyber incidents that occurred in the last few years.

What really happened at AIIMS?

As per media reports on the incident, a cyber breach has been ruled out and the incident involved “someone trying to access E-hospital, an internal application” belonging to the premier healthcare institute. It is also said that the application is not accessible from the Internet. In subsequent reports, however, it was claimed that there was an incident involving a weakened server. The questions that arise are:

When one puts together the above publicly available information, a clearer picture of the attack emerges. At a primary level, the latest cyberattack on AIIMS is designed to send a message: “The hackers can strike at will even at targets that have been breached before and have since been hardened.”

This attack also seems to have been carried out using data that was exfiltrated during the last attack and has since been shared, possibly with other state-backed threat actors within China. Actors like APT 41 are acting to gain and retain access to critical systems and data that can be used to target institutions and key decision-makers in times of peace or during a geopolitical event. The latest attack could have been an attempt to gain access to some updated records or delete some information residing in the weakened server, or it could have been an attempt to exfiltrate data of interest residing on this server.

The writing is clearly on the wall. The second attack represents a continued threat actor and adversarial state interest in key Indian institutions.

Check out: The Global OT and IoT Threat Landscape Assessment and Analysis Report 2023

Dissecting the cyber incident at All India Institute of Medical Sciences (AIIMS)

The news of the All India Institute of Medical Sciences (AIIMS) servers being breached is making headlines across India. While the full extent of the data that was compromised and the actors who are behind it are still unknown, we do have some clues on what this attack entails for the healthcare segment in India and beyond. Our threat research team has drawn the following inferences after studying the attack on AIIMS and its aftermath.

Disclaimer: these inferences are based on the data and the information we have gathered from published sources on the surface and dark web as of December 5th. Some inferences are subject to change based on new data made available. Since the breach is under investigation by CERT-In, the inferences drawn may be subject to change after the investigation report is made public.

The truth about cyberattacks on the healthcare sector in India

Cyberattacks on the healthcare sector in India are rising and there are many reasons for this. Right now, India is ranked 11th among the top 20 most targeted nations in the healthcare sector in the world.

The IoT and OT global threat landscape assessment report 2022

While the sector has attracted attention from APT actors globally, most attacks are still driven by unaffiliated or loosely affiliated actors who are after a ransom. Healthcare providers, insurers, and even small clinics and online pharma companies are being targeted to obtain information and to target providers and service users. Data criticality and the cost of systems force healthcare organizations to pay up the ransom just to get back on their feet.

While some data is floating around on the volume of attacks on this sector in India, we have not seen any data being shared on the actual attacks that were occurring. This is why we have put this post together: a) to help healthcare industry participants understand the nature of the evolving threat landscape in the country and b) to drive awareness on the urgent need to respond to the rising cyber threats and to prevent more attacks from occurring.

Here are the top trends and data on attacks on the healthcare sector in India:

Why is the healthcare sector being targeted in India?

There are many reasons for this. Here are a few:

With such a complex modus operandi, it comes as no surprise that Indian healthcare providers and victims are bleeding PII and more. Such information, once leaked, will return to haunt the victim and the provider. Sign up for our one-on-one threat intelligence and security landscape briefing to learn more about such attacks.

What’s next for healthcare cybersecurity in 2021?

The year 2020 saw the highest increase in cyberattacks registered by a single sector ever. The healthcare industry in the second quarter of the year saw a 63 percent rise (from the previous quarter) in sophisticated attacks while Q3 saw a 39 percent increase. Put together, this has set the warning bells ringing across CERT teams and cybersecurity vendors trying hard to stop these cyberattacks from derailing the ongoing fight against the Covid-19 pandemic.

The mode of attack

In over 79 percent of the attacks, healthcare service providers were kept away from critical data including patient records, device calibration information and administrative documentation. Such data was held to ransom to put psychological stress on these healthcare institutions (many of whom had frontline Covid-19 healthcare workers) to pay off steep ransoms to free their data. This cycle has repeated innumerable times this year.

The hackers also exposed several weaknesses in the way healthcare institutions approach cybersecurity: use of unpatched and outdated software that is well past its prime as well as untested collaborative platforms; less than secure data storage practices; lax attention to cybersecurity; lack of a proactive and complete outlook towards cybersecurity; and lack of employee sensitization on cybersecurity threats.

As many as 42 percent of healthcare institutions we spoke to this year had experienced some form of breach due to a cyberattack. A majority of them (71 percent) paid the ransom quietly and got their data back. The others did not respond to questions on what happened after the cyberattack, citing confidentiality reasons.

“Hackers view healthcare institutions as easy targets for a cyberattack because of prevailing practices and pre-existing vulnerabilities that have been around for years, if not decades. This is also one of the sectors where the time taken to monetize a cyberattack is the shortest. Together these two factors have contributed immensely in turning healthcare into one of the most vulnerable sectors out there. In many ways, the cybersecurity journey of many healthcare providers is just starting,” said Kiran Zachariah, VP Digital Security at Subex.

Looking ahead

The volume of cyberattacks is not expected to decrease in 2021. But we are expecting healthcare service providers to mount a strong challenge to hackers and to move away from being easy targets for malware developers and other adversarial entities. We are expecting attacks on R&D institutions to rise significantly as hackers shift their attention to the results Covid-19 vaccines are getting from real-world trials. Such attention will extend to other areas witnessing frenzied R&D efforts.

Healthcare institutions need to ramp up their cybersecurity efforts and increase the distance between them and hackers. Wasting hackers’ machinations through deception and by deploying solutions that detect and contain attacks early is one option to consider.

Subex is here to help

Subex Secure is a suite of solutions that includes Subex Secure Edgetech, Subex Secure Threat Intelligence and Subex Secure Security Operations Center services. Our OT and IoT security solution Subex Secure is agentless, non-intrusive, and built for discovery, detection, mitigation, and protection. It can passively and actively discover devices and their vulnerabilities, contain threats, and prevent lateral movement through rapid digital detention. It can be deployed to scale and in a staggered manner, and proactively flags threats and vulnerabilities through a 3-step filter process.

We can help you improve your cybersecurity posture so that you can focus your energy and attention towards fighting Covid-19 and other healthcare challenges out there. Connect with natalie.smith@subex.com to learn more.

IoT poised to transform healthcare

Among the sectors where the Internet of Things is offering a non-conventional way to address traditional challenges, healthcare stands out not just in its uniqueness but also in bearing significant potential to positively transform the quality of life of citizens. As the use cases increase, so does the scope for IoT to do more, and this is just a beginning. In the days to come, IoT will bring in a drastic reduction in healthcare administration costs, improve the efficacy of medicines and improve our ability to identify and isolate disease vectors well before they reveal their darker side.

Healthcare is a vast ecosystem. IoT has already made deep inroads into applications such as remote patient monitoring, clinical trials, pharma administration, personal healthcare, drug testing, insurance, robotics, smart pill cases, and treatment. Preventive healthcare is another area where IoT is helping. IoT-enabled wearables are providing real-time data on every individual’s health, enabling physicians to diagnose early warning signs of disease and administer medication or other interventions before it turns into a major risk to the person’s health.

With evolving technology, improving connectivity (with the arrival of 5G) and personalization of medical attention, it will be possible to do a lot more with IoT. For instance, data on responses to a certain medicine (collected and analyzed anonymously) will enable doctors to derive the exact dose to be given to the patient to ensure maximum drug efficacy. Smart jars will also remind patients to have their medicines on time and in the right dosage. This will help prevent misuse of vital medicines such as antibiotics.

Smart pills add a unique dimension to IoT. Smart pills, or simply digital pills, are medications prescribed to patients that come with edible electronic sensors. Upon ingestion of these pills, the sensors dispatch wireless messages to devices like patches, tablets or smartphones that reside outside the body. Since this technology will allow patients and doctors to track their drug regimen compliance, increasing patient adherence, it could lead to savings to the tune of $100 – $300 billion annually in the US alone.

Adoption challenges

Storing, securing and managing data are aspects that still pose a challenge to widespread IoT adoption in the sector. In addition, there are reliability and security issues with data alongside the lack of infrastructure and training among providers. This is because there are providers who lack the infrastructure to harness and analyze data even when it flows freely. Another issue is the cost of wearables. It is still not cheap enough for it to be used widely by populations in rural areas.

Security is still a key concern for the whole ecosystem. With a diversity of devices, communication flavors, storage options, and thoroughfare networks, every aspect brings in its own security challenge. Since patient data is involved in the form of healthcare records or treatment efficacy, there are many entities and individuals out there who would want to get their hands on this data. Healthcare devices could also be hijacked to be used as conduits to launch larger Distributed Denial of Service attacks on other networks.

With so much data floating around in the networks, privacy issues have already come to the fore. Groups are suggesting that with smart pills, for instance, a surveilled compliance scenario would emerge and the doctor or the pharma company may end up receiving and hoarding more data than necessary.

The road ahead

The challenges that IoT brings forth should be measured against the benefits that it delivers. Overall, it is now becoming increasingly difficult to view healthcare minus IoT interventions in varied aspects. As these interventions get bigger and the benefits expand, the challenges will also be addressed.

For a country like India that is trying to bring affordable healthcare to the masses, IoT is more than a game changer. What changes is not just affordability but also the availability of timely medicare. The savings in terms of replacing traditional and more costly alternatives are alone reason enough for India to give more attention to IoT. India will definitely enable the emergence of many interesting use cases.
