Trends in cyberattacks in the healthcare sector?
Ransomware Attacks, DDoS were the popular types of attacks that impacted the Health Care Industry. Since the pandemic has started Health care sector started facing an enormous number of Cyber Attacks. The faster digitalization of the health sector due to pandemics has enabled both small and big players to go digital storing their huge amount of data in the cloud. Many of the smaller players may be using a lot of third-party vendors which would surely increase the risk. The big players may afford AI-backed solutions monitor attacks and do regular assessments. Like many other sectors, the possibility of Insider threat is high in this field. Health care data is a gold mine in this era. It could be used by Cyber threat actors to fraud someone or either sell it to any vendor in the industry which could potentially turn into marketing some products. A report about 500 Fortune companies says even in 2018, cyber attackers targeted the pharmaceutical industry the most.
Has the pandemic made healthcare more vulnerable from a cybersecurity perspective?
We have some case studies like a German hospital’s operation being disrupted due to Cyber-attack. As always cyber threat actors always try to exploit the right situation. Many of those small and mid-players were less impacted or were not aware of them being impacted by a Cyber Attack scenario. This approach changes during this pandemic. Both Patient data, as well as Employee data in health care, is a gold mine in these times. Also due to the urgencies that happen in these times many of those health care workers may not even find cybersecurity a priority.
In 2020 October, Ryuk Ransomware targeted many hospitals in the US, as a result, a threat advisory has been given by the national cybersecurity agency. The Hospitals had to purchase new devices to replace the affected ones. Also, the none effective ones had to step up their security by shutting down their Email servers, etc. this shows that health care sectors have been taking these contexts seriously by levelling up their security to prevent the attacks.
Given the supply of vaccinations, how crucial is the protection of the supply chain in the healthcare industry?
Supply Chain based attacks have been highly gripping the industry. While there was Cyber Security beef up in the Pharma industry we don’t have clarity on the Raw Material providers. This is something that has become a major worry. Anyone in the supply chain being affected by a cyber-attack could slow down the process of vaccinating more people. Major Pharma player behind manufacturing vaccines is capable to manage their cybersecurity to an extent. But the worry is whether their vendors and their security ratings are properly monitored which could finally end up in a supply chain attack.
How are Indian healthcare players addressing cyberattacks?
Considering the urgency to go digital increased the chance of becoming vulnerable. It took some time for major Indian health care brands to be prepared about the Cyber Attacks. The Ransomware incident with Dr.Reddy’s Laboratories was an eye-opener to many major brands to be more prepared to do regular checks on their infrastructure to prevent further exploitations of Vulnerabilities. It’s a known fact that majority of the players in Pharma industry are also a victim to Cyber Attacks on regular basis. Agencies Like CERT and NCIIPC have been actively monitoring Cyber Attacks targeting Indian Health Care Sector.
A year before we saw Indian blood bank data belonging to more than 10000 donors were kept for the free access in data sharing platforms which including donors’ names, email, blood groups, Pin codes, and even passwords were available. These kinds of small data too could be a potential reason for an individual getting targeted online.
In India, we are witnessing healthcare-based cyber scams which are highly operational through both Phishing as well as Smishing. We will have to assume that many are installing fake apps related to covid vaccines even after multiple threat advisory from agencies.
What are some of the weakest links in the healthcare industry’s cybersecurity practices or initiatives?
Lack of preparedness was one of the major points in the cybersecurity industry; Outdated hardware and software were another major weak link in the industry; While Major players can focus on their vendor security and ensure that regular audits happen in the third-party vendors, Mid-size and small players have very small access to their kinds of insights; We cannot deny the fact that a potential threat could come from a security weakness in a third-party vendor since many Mid and small players would be surely depending on them for their IT and ITES needs.
Your suggestions for the industry to ensure that they remain more vigilant and adopt more of the best practices in cybersecurity?
Develop a cybersecurity culture from the board itself; Educate Staff; Create a proper IT Security Policy; Ensure regular threat Assessments and audits; Proper monitoring of infrastructure; Regularly change passwords; Regularly Back Up data; Bring Data control and limit the access; Follow compliances like HIPPA; Check for proper Risk and Exposure monitoring
As a cybersecurity start up, have you exposed any of the data breaches ?
Technisanct started operations in February 2018 offering managed services in the field of digital risk management and subsequently launched Digital Risk Monitoring tool ‘Integrite’. We intend to fight the issues of cyber threats, spreading of misinformation, privacy and data breaches, using big data and artificial intelligence. Every year millions of data gets breached that are discovered way too late at times after many years.
We found a database with around 93 Million DND numbers in an excel file during our routine research activities. Our analysis found this massive breach of data last year. In another instance, we identified that multiple vendors were selling fake sim cards and carding products via telegram.