Trends in cyberattacks in the healthcare sector?
Ransomware, DDoS attacks were the popular types of attacks that impacted the healthcare industry. Since the start of the pandemic, the healthcare industry has started to face a huge number of cyber attacks. The faster digitization of the healthcare industry due to pandemics has enabled players small and large to go digital by storing their huge amount of data in the cloud. Many small players can use many third party providers, which would surely increase the risk. Big players can afford AI-based solutions to monitor attacks and perform regular assessments. As in many other industries, the possibility of an insider threat is high in this area. Health care data is a gold mine at this time. It could be used by cyber threats to defraud someone or sell it to any vendor in the industry, which could potentially turn into the marketing of certain products. A report of 500 Fortune companies indicates that even in 2018, cyber attackers targeted the pharmaceutical industry the most.
Has the pandemic made healthcare more vulnerable from a cybersecurity perspective?
We have a few case studies like how a German hospital was disrupted due to a cyberattack. As always, cyber threats always try to exploit the right situation. Many of these small and medium players were less affected or did not know they were affected by a cyber attack scenario. This approach is changing during this pandemic. Patient data, along with employee data in healthcare, is a gold mine in these times. Additionally, due to the emergencies occurring in these times, many of these healthcare workers may not even see cybersecurity as a priority.
In October 2020, Ryuk Ransomware targeted numerous hospitals in the United States, as a result, a threat advisory was issued by the National Cyber Security Agency. Hospitals have had to buy new devices to replace those affected. In addition, the inefficient had to strengthen their security by shutting down their mail servers, etc. This shows that healthcare sectors have taken these contexts seriously by stepping up their security to prevent attacks.
Given the supply of vaccines, how crucial is supply chain protection in the health sector?
Supply chain-based attacks have taken a heavy toll on the industry. Although there has been an increase in cybersecurity in the pharmaceutical industry, we have no clarity on the suppliers of the raw materials. This is something that has become a major concern. Anyone in the supply chain affected by a cyber attack could slow the process of vaccinating more people. The major player in the pharmaceutical industry behind the manufacture of vaccines is able to manage its cybersecurity to a certain extent. But the concern is whether their suppliers and safety ratings are properly monitored, which could ultimately lead to a supply chain attack.
How do Indian healthcare players cope with cyber attacks?
Considering the urgency to go digital increased the risk of becoming vulnerable. It took some time for major Indian healthcare brands to prepare for the cyberattacks. The Ransomware incident with Dr. Reddy’s Laboratories was an eye opener for many big brands to be better prepared to perform regular checks on their infrastructure to prevent further vulnerability exploits. It is a known fact that the majority of players in the pharmaceutical industry are also regularly victims of cyber attacks. Agencies like CERT and NCIIPC are actively monitoring cyber attacks targeting India’s healthcare industry.
A year ago, we saw that Indian blood bank data belonging to over 10,000 donors was kept for free access to data sharing platforms which including donor names, email addresses, blood types , their PIN codes and even their passwords, were available. These types of small data could also be a potential reason for an individual to be targeted online.
In India we are seeing healthcare based cyber scams which are very operational both through phishing and smishing. We’ll have to assume that many are installing bogus covid vaccine-related apps even after multiple threat advisories from agencies.
What are the weakest links in cybersecurity practices or initiatives in the healthcare sector?
Lack of preparation was one of the main points of the cybersecurity industry; Another major weak link in the industry was obsolete hardware and software; While the major players can focus on the security of their suppliers and ensure that regular audits take place at third-party suppliers, the medium and small players have very limited access to their types of information. not deny the fact that a potential threat could come from a security breach at a third party vendor, as many midsize and small players would surely depend on them for their IT and ITES needs.
Your suggestions to the industry to ensure that it remains more vigilant and adopts more best practices in cybersecurity?
Develop a culture of cybersecurity from the board of directors itself; Train staff; Create an appropriate IT security policy; Ensure regular threat assessments and audits; Good infrastructure monitoring; Regularly change passwords; Regularly back up data; Bring data control and limit access; Track compliance like HIPPA; Check the correct monitoring of risks and exposure
As a cybersecurity startup, have you been exposed to data breaches?
Technisanct started its activities in February 2018 by offering managed services in the field of digital risk management and then launched the digital risk monitoring tool “Integrite”. We intend to tackle cyber threats, the spread of disinformation, privacy and data breaches, using big data and artificial intelligence. Every year millions of data are breached and sometimes are discovered too late after many years.
We found a database with approximately 93 million DND numbers in an Excel file during our routine search activities. Our analysis revealed this massive data breach last year. In another case, we identified that several vendors were selling fake SIM cards and carding products by telegram.