Indian Hospital Ransomware Attack: Hackers Demand $24.5 Million

| Updated
by Babafemi Adebajo · 3 min read
Indian Hospital Ransomware Attack: Hackers Demand $24.5 Million
Photo: Unsplash

A 2021 report revealed that 7.7% of the cyberattacks globally targeted Indian healthcare institutions.

Actors behind the Indian hospital ransomware attack have demanded $24.5 million in crypto even as AIIMS struggles to get servers back online six days after the attack.

According to hospital authorities, the breach occurred on Wednesday when attackers infected hospital files and modified the extensions. The attack affected everything about the daily operations of the hospital, including appointments, investigations, and billing. Doctors within the AIIMS have resorted to taking handwritten notes until the servers are restored.

In the meantime, the hospital noted that the attack may have compromised the data of about 40 million patients. AIIMS officials said the hackers exploited its weak firewall, regular servers, and outdated system to carry out the attack. The hospital is working with the National Informatics Centre and the Indian Computer Emergency Response Team to help recover its system.

Indian Hospital Ransomware Attack Underlines Sector Vulnerabilities

The attack comes within a month of the hospital’s announcement that it was going paperless. In October, AIIMS Delhi Director Dr M Srinivas issued a notice of the hospital’s intention to go paperless from Jan 1, 2023. The hospital also noted it will become fully digitized by April 2023.

If anything, the ransomware attack has exposed that AIIMS may not be as ready to go paperless as it thinks. This is particularly important given that the Indian healthcare sector is the second most targeted by cyberattacks, according to CloudSEK.

A 2021 report revealed that 7.7% of the cyberattacks globally targeted Indian healthcare installations. Another Indusface report revealed that of over 1 million cyber attacks involving Indusface’s global healthcare clientele, 278,000 attacks affected Indian healthcare providers.

Ashish Tandon, Founder & CEO of Indusface, said:

“Lack of risk awareness, use of legacy technologies by healthcare companies, and massive traffic loads make the Indian healthcare segment highly vulnerable to cyber-attacks.”

The Rise in Ransomware Attacks

But it’s not just Indian healthcare. Globally, there’s been a spike in ransomware attacks targeting healthcare facilities. Just weeks ago, Australian health insurance provider Medibank experienced a data breach, with hackers accessing the data of up to 9.7 million customers.

Also, UK’s NHS had to cancel appointments and direct staff to take handwritten notes around July after an attack on its IT services provider Advanced.

With a surge in attacks, digital healthcare platforms must focus on improving security. According to Indusface, “this will ensure that their operational initiatives are free of threats and function optimally.”

Other tech news can be found here.

Cybersecurity News, News, Technology News
Related Articles