Indian healthcare institutions are facing an alarming surge in cyberattacks, experiencing nearly four times the global average of weekly incidents. The integration of technology in healthcare, such as telemedicine, IoT devices, and electronic health records (EHR), has made patient management more efficient. However, this digital transformation has also made these institutions prime targets for cybercriminals.
According to Check Point Software Technologies Ltd, an Israeli cybersecurity firm, the Indian healthcare sector endures over 6,900 cyberattacks per week. This is significantly higher than the global average of 1,821 attacks per healthcare organization. Such a high frequency of attacks reveals the vulnerabilities within the digital infrastructure of India's healthcare sector.
Healthcare institutions are attractive targets because they store a wide range of sensitive data, including medical, personal, and financial information. The critical nature of their operations means that any disruption can be life-threatening. Many Indian healthcare systems rely on outdated technology and lack the financial resources to upgrade their security measures, making them more susceptible to attacks. Consequently, the urgent need to restore critical services often forces these organizations to pay ransoms to cybercriminals.
For instance, the United Kingdom’s National Health Service (NHS) experienced significant service disruptions when a Russian hacking group, Qilin, stole over 400GB of private medical data from Synnovis, a vendor.
Beyond healthcare, other sectors also face substantial cyber threats. Education and research organizations are the second most targeted, with an average of 6,244 weekly attacks, while government and military entities face over 3,600 attacks weekly.
The report further highlights that Indian organizations, in general, were targeted 2,924 times per week on average over the past six months, compared to 1,401 attacks per organization globally. Malicious software like “FakeUpdates” and botnets such as Remcos are commonly used in these attacks.
Email remains a primary vector for delivering malicious files, with over 63% of malicious files in India being distributed this way. The report notes that 58% of these malicious email files are executables, while 59% of malicious files delivered via the web are PDFs. Sundar Balasubramanian, Check Point’s MD for India and SAARC, emphasized that the ease of spoofing email addresses and delivering weaponized content makes email a potent tool for spreading malware, stealing credentials, and conducting social engineering attacks.
India's healthcare sector has experienced several high-profile cyberattacks in recent years. In late 2022, hackers targeted AIIMS, allegedly demanding a ransom of around Rs 200 crore in cryptocurrency. Nearly a year later, in late 2023, the Indian Council of Medical Research (ICMR) suffered a severe cyberattack, resulting in the loss of personally identifiable information (PII) of 81 crore Indians. These incidents underscore the urgent need for enhanced cybersecurity measures in India's healthcare sector.