With data emerging as a new resource in the modern world controlling businesses, states, and nations, it can be rightly called the new crude oil.
Cybercriminals, last November, attacked India's top public health institute, AIIMS Delhi, paralyzing the institution's ability to deliver basic medical care to tens of thousands of patients.
The cyberattack had rendered the AIIMS e-hospital system inoperable, including, among other things, the generation of laboratory reports, the smart lab, and appointments and registration at outpatient departments (OPDs). Long waiting lines and mishandling of emergency cases were caused by the disruptions. The institute claimed that a ransomware assault had corrupted all files kept on the hospital's primary and backup systems.
Around four crore patient profiles, including private information and VIPs' medical records, were taken hostage by the culprits. The hacked databases include administrative data on blood donors, ambulances, vaccines, caretakers, employee login passwords, and Personally Identifiable Information (PII) of patients and healthcare professionals.
The attack's scope and threat were so great that other organizations, including the Delhi Police, the CERT of the Centre, the Ministry of Home Affairs, and even the National Investigation Agency, have joined the investigation. They haven't been able to solve the case, though. The attack, though significant, occurred less than a month after AIIMS declared it would go paperless starting on January 1, 2023, and go digital by April 2023.
The AIIMS incident is not unique, though. The Indian healthcare industry was the second most attacked globally, according to cyber security watchdog CloudSEK. The company's research revealed that during the pandemic, cyberattacks on health organizations increased dramatically. According to their report, "the number of cyberattacks on the industry increased by 95.34 percent in the first four months of 2022 compared to the same time in 2021."
A software security firm called Indusface claims that its clientele in the global healthcare industry has experienced more than one million cyberattacks of all kinds. Of them, 278,000 attacks were reported in India only.
There is hardly any general public understanding of cyber safety. Most people are unaware of the importance of their personal information or the security risks that could result from unauthorized access to it. One can speculate on how having their voter ID card or Aadhaar number made public might impact them.
Unrestricted access can result in identity theft, which fraudsters use to perpetrate financial fraud, coerce someone into committing a crime, and engage in other criminal