AIIMS ransomware attack: Key patient data at risk of leak, sale on Dark Web

New Delhi: With the All India Institute of Medical Sciences (AIIMS), New Delhi, still struggling to get its servers up and running after a massive ransomware attack earlier this week, cyber-security researchers on Saturday said the most reported attacks in the healthcare industry, which rose during the pandemic, involve the leak or sale of databases on the Dark Web.

The exploited databases contain Personally Identifiable Information (PII) of patients and healthcare workers, as well as administrative information such as blood donor records, ambulance records, vaccination records, caregiver records, login credentials, etc.

“Government agencies involved in the healthcare industry should abide by HIPAA’s (Health Insurance Portability and Accountability Act) compliance requirements, create awareness among users regarding cyber-attacks, online scams, and phishing campaigns, set up policies for secure passwords and enable multi-factor authentication (MFA),” a spokesperson of AI-driven cyber-security firm CloudSEK told IANS.

The cyber attack on AIIMS shut down its main and back-up servers.

The attackers hacked the e-hospital service which manages the patient data system, affecting the outpatient department (OPD) and sample collection services.

Those behind the cyber attack have warned AIIMS to “prepare for a negotiation”.

Delhi Police are investigating the cyber attack.

Meanwhile, AIIMS officials said that all affected online patient services are now being run on manual mode.

According to CloudSEK, a massive spike in cyberattacks on healthcare organisations has been witnessed during the pandemic.

“Our research shows that in the first four months of 2022, the number of cyberattacks on the industry rose by 95.34 per cent compared to the same period in 2021. The Indian healthcare sector was the second most targeted when it comes to cyberattacks worldwide,” the company spokesperson said.

Protecting patients’ medical and financial information has emerged as a new challenge for healthcare organisations.

According to Indusface, an application security SaaS company, there were more than 1 million cyber attacks of various types across Indusface’s global healthcare clientele.

Of these, 278,000 attacks were reported in India, highlighting the vulnerabilities of the Indian healthcare sector.

CloudSEK research revealed recently that immediate challenges to the healthcare sector include phishing and BEC (business email compromise), ransomware attacks, DDoS (Distributed Denial of Service) attacks, insider threats, critical infrastructure and �Medjacking’, etc.

In August this year, the UK’s National Health Service (NHS) was hit by a ransomware attack via a third-party vendor.

Advanced, which provides several products to NHS hospitals and clinics, said its systems were disrupted by a ransomware attack on August 4.

Three months after the major attack wiped out NHS systems, patients’ records are still missing and safety has been compromised, according to reports.

The August attack has been the most disruptive cyber-security incident on the health service since WannaCry ransomware attack in May 2017, which disrupted 80 NHS trusts and 603 NHS organisations, including 595 GP practices.

“Organisations should frequently update and patch networks, systems, and software. Keep several backups, both online and offline, in different and secure places. Keep an eye on logs for any unexpected traffic and activity on websites and other applications,” advised CloudSEK.

Healthcare experts, including hospital staff, should avoid clicking on suspicious emails, messages and links, it said. – IANS

Soldier among 4 arrested in duping case in UP

Four persons, including an former Indian army man, have been arrested for allegedly duping job seekers with the promise of getting them recruited in the armed forces, the Uttar Pradesh...

Delhi hit-and-drag case: Victim was drunk at the time of incident, sources

New Delhi : Delhi Police have received the 'viscera examination report' of 20-year-old Anjali, who met a painful end after being dragged by a car for several kms on the...

J&K: Teacher turns terrorist arrested, perfume IED recovered

A school teacher in Jammu and Kashmir allegedly became a hardcore terrorist and carried out several bomb blasts in the erstwhile state, said Director General of Jammu and Kashmir Police...

Lucknow court signs release order, Kerala journalist to walk out of jail soon

A month after the Allahabad High Court granted bail to Kerala Journalist Siddique Kappan, a sessions court in Lucknow on Wednesday signed orders to release him on bail, Live Law...

Two apprehended for killing Class 12 student in Delhi’s Kalkaji

New Delhi:  Delhi Police have apprehended two accused, including a juvenile, for allegedly stabbing a Class 12 student to death in Southeast Delhi's Kalkaji area. According to a senior police...

Asaram Bapu sentenced to life imprisonment for raping disciple

Asaram’s disciple filed a case in 2013 accusing him of repeatedly raping her between 2001 and 2006 at his ashram in Ahmedabad The self-proclaimed religious man is already serving a...

Gandhinagar court convicts godman Asaram Bapu for raping woman disciple 

A court in Gandhinagar on Monday convicted self-styled godman Asaram Bapu in a woman disciple rape case registered against him in 2013. Sessions court judge DK Soni reserved its order...

UP anti-terror court hands death penalty to convict in Gorakhnath temple attack

Abbasi attacked the security personnel deployed at the premises with a sickle on April 3 last year. Two Provincial Armed Constabulary (PAC) constables were injured in the incident. He was...

Odisha health minister shot in the chest by cop

Odisha health and family welfare minister and senior Biju Janata Dal (BJD) leader Naba Das on Sunday sustained serious injuries after an assistant sub inspector (ASI) fired at him from...

Gujarat junior clerk paper leak: ATS takes 15 suspects in custody

Gandhinagar:  After the Gujarat Panchayat Service Selection Board's (GPSSB) Junior clerk competitive written exams were cancelled on Sunday following the paper leak, the ATS rounded up 15 suspects. A total...

Batla House convict Shehzad Ahmed dies in AIIMS during treatment

Batla House convict Shehzad Ahmed, died on Saturday at New Delhi’s AIIMS hospital during pancreatitis treatment. Officials said, “The convict was admitted to GTB hospital on December 8, 2022, for...

Passenger tweets ‘flight hijacked’, arrested at IGI

New Delhi A passenger on a Dubai-Jaipur flight, which was diverted to Delhi's IGI Airport due to bad weather, was taken off and arrested after he tweeted "flight hijacked", a...

Read Previous

Ghosts of polarization haunts ‘secular circles’; Owaisi hits back at Shah for ‘teach a lesson’ remarks

Read Next

26/11 a blurry memory, but Gen Z ‘safer, secure’ in a more confident India

Leave a Reply

Your email address will not be published.

WP2Social Auto Publish Powered By :