Cyber attack on AIIMS: Why e-infrastructure safety is a must?


According to experts, India is vulnerable because no law requires routine healthcare infrastructure audits

The cyberattack on the All India Institute of Medical Sciences, which has rendered the premier healthcare institution inoperable for the past two weeks, has sparked several questions about how well the nation is prepared to defend against attacks on its critical infrastructure on a similar or larger scale.

As India’s data infrastructure becomes more connected and integrated, experts warned that more attacks may occur and urged the nation to bolster its defenses against them.

According to experts, India is particularly vulnerable to such attacks because there is no law requiring regular audits of the healthcare industry or a body to oversee it, unlike with payments, where the Reserve Bank of India keeps a close eye on the organizations and their security levels. Safdarjung Hospital, another prestigious hospital in New Delhi, is said to have been the target of an attack last week, although it was less severe than the one that struck AIIMS.

Everything is a target, whether it be the government organizations or the country’s economic or market institutions, according to Harshil Doshi, Director of Sales (India and SAARC) at the security information and event management firm Securonix.

Doshi stated that the AIIMS holds very sensitive personal health information about the country’s top brass that could actually be used for espionage. He continued, “Specifically if it is a nation-state sponsored attack from an enemy nation, they can potentially misuse this information to wage a different kind of cyber warfare in India which is a big risk for a country like us.”

According to sources in the IT ministry, all government departments received an “exhaustive list of dos and don’ts” following the initial wave of attacks on critical infrastructure following the relaxation of Covid-19 lockdowns in 2021.

According to a senior government official, several government departments at the time, including the departments of health, science and technology, nuclear power plants, and the armed forces, were classified as critical infrastructure and asked to strengthen their cyber infrastructure.

According to sources, the Indian Computer Emergency Response Team (Cert-In) had finished its “initial investigation” into the cyberattack on the AIIMS and discovered several flaws in the government departments’ adherence to the standard operating procedure.

Since they handle sensitive personal data, some experts have also called for government departments to be held to higher accountability standards.

“All government departments should be required to conduct independent threat monitoring and response. The majority of government agencies lack the personnel and expertise needed to monitor and address cyber breaches. This will enable early detection and investigation of threats and put them on par with private companies, “informed Amit Jaju, senior managing director at Ankura Consulting Group (India), which provides clients with advice on cybersecurity risk management and finance.

According to experts, healthcare data breaches will reportedly increase in frequency, particularly in India. According to cybersecurity data from CloudSEK, there were 95.34% more cyberattacks against the healthcare sector globally in the first four months of 2022 than in the same period the previous year.

According to the report, 7.7% of all attacks on the healthcare sector worldwide in 2021 occurred in India, which also had the second-highest number of attacks overall. According to the report, China was the second most targeted country in the region, with 21.6% of attacks recorded in 2021. India accounted for 29.7% of all attacks in the Asia and Pacific region.

Rahul Sasi, cofounder and CEO of CloudSEK, said: “The challenge with healthcare is that there is hardly any focus on security and there is extremely sensitive data of patients.”

The risk extends beyond just compromised personal information. “Typically, when a hacker gains access to data, they demand payment. Imagine, however, that the threat actor is not motivated by financial gain but rather by a desire to abuse the data. In that case, it might be a risky move, particularly in light of espionage and cyberwarfare,” said Sasi.

The CEO and founder of Security Solutions, Ishwar Prasad Bhat, stated that the number of cyberattacks in the future could significantly rise and possibly become more sophisticated.

He said that data, reputation, and trust are all at risk, so proper security audits, monitoring systems, and processes need to be in place.

Hospitals, clinics, and other healthcare facilities can benefit from developing, designing, creating, and maintaining information systems thanks to the IT branch known as healthcare information technology. According to Allied Market Research, the global healthcare IT market was estimated to be worth $135.6 billion in 2021. It was expected to expand at a compound annual rate of 29.3% over the ensuing ten years through 2030.

“The global pandemic of 2020 has caused the global healthcare IT market to grow exponentially, which has significantly increased the number of cyberattacks directed at the industry. Healthcare organizations now face a new challenge: protecting patients’ medical and financial information,” said the report.

According to Jaju of Ankura Consulting, the insider angle should also be the main focus of the investigation into the AIIMS cyberattack because many hacking groups pay an insider to facilitate the hack.