Tenable has highlighted a concerning change in the tactics of cybercriminals who are now focusing their attacks on targets without significant financial standing but have the ability to cause great harm if compromised – healthcare organisations.
The recent breach of the CoWIN portal, India’s exclusive platform for COVID-19 vaccination distribution, led to the unauthorised disclosure of healthcare and personal data of millions of individuals. The breach occurred through a state-owned chatbot on an instant messaging application. While the Union Health Ministry and CERT-In are investigating the reported breach, one fact remains evident: cybercriminals are showing a growing interest in healthcare information.
“Cybercriminals have long been drawn to high-yield organisations like healthcare and critical infrastructure providers due to the significant profit margins involved,” said Kartik Shahani, country manager at Tenable India. “While these attacks show no signs of slowing down, there is a noticeable shift towards cybercriminals targeting high-value healthcare information. Cybercriminals are keenly aware that healthcare providers have been historically slow in adopting proactive measures to secure their interconnected IT and OT systems.”
“Cyberattacks can have dire consequences – from financial losses to disruptions in critical medical services, compromised patient information and care. As many customers are being alerted about their information being leaked on the dark web, it only highlights the urgent need to strengthen cybersecurity measures,” he added.
The 2022 Threat Landscape Report by Tenable revealed that India’s healthcare sector was the second most targeted by cybercriminals, indicative of innovation outpacing cybersecurity in the industry. In addition, Cert-In in its latest study found that healthcare is among the fifth most-targeted industries by ransomware actors. Given how the threat landscape has changed, it’s never been more important for healthcare organisations to view the entire attack surface, detect attack pathways and identify the most critical assets.
Protecting healthcare data has never been more important with the Indian government planning to enact stringent data-protection laws. The proposed Digital Personal Data Protection Bill calls for strict penalties on organisations that fail to install cybersecurity measures to protect customer data.
Kartik Shahani emphasizes the importance for healthcare organisations in India to take immediate action to enhance their security posture, urging them not to rely solely on forthcoming regulations. According to Shahani, “Waiting for regulations to be passed to improve security can do more harm than good. Organisations entrusted with healthcare information must prioritise cybersecurity by implementing proactive measures to protect sensitive data. This includes conducting regular risk assessments to identify vulnerabilities, providing cybersecurity training to employees, and maintaining continuous monitoring of systems to detect potential threats.”
Shahani also stresses that organisations handling healthcare information play a vital role as pillars of trust and security for the public. Taking proactive steps to safeguard against cyber threats not only ensures the well-being of individuals but also safeguards the continuity of essential services.
