The cyberattack on All India Institute of Medical Sciences<\/a>, which has paralysed the premier healthcare institution for two weeks now, has raised several concerns about the preparedness of the country to ward off similar or bigger-scale attacks on its critical infrastructure. 的在所有印度医学科学研究所网络攻击,瘫痪的医疗机构两周总理现在,引起了一些担忧国家的防范抵御类似或规模攻击它的关键基础设施。
More such attacks could happen as India<\/a>'s data infrastructure gets further integrated and connected, said experts, who asked the country to strengthen its defence against such threats.
India is extremely prone to such attacks, especially on health organisations as there is no law that mandates regular audits for healthcare or a body to oversee the same, unlike with payments where the Reserve Bank of India<\/a> keeps a hawk eye on the organisations and their security levels, said experts ET spoke to.
According to reports, another top hospital in New Delhi — Safdarjung Hospital<\/a> — has also been a target of an attack<\/a> last week even though the severity of the attack has been less compared with the one that hit AIIMS<\/a>.
Whether it is the country’s economic or market institutions or government organisations, everything is a target and institutions need to be extremely careful in terms of protecting data, said Harshil Doshi, director of sales (India and Saarc) at security information and event management company Securonix.
\"AIIMS is a medical institute which holds very sensitive personal health information about the country’s top brass that could actually be used for espionage,” said Doshi.
\"Specifically, if it is a nation-state sponsored attack from an adversary nation, they can potentially misuse this information to wage a different kind of cyber warfare in India which is a big risk for a country like us,\" Doshi added.
Sources in the IT ministry said after the initial wave of attacks<\/a> on critical infrastructure following the easing of Covid-19 lockdowns in 2021, all the government departments had been sent an “exhaustive list of dos and don’ts”.
\"At that time, several government departments such as health, science and technology, nuclear power plants and the armed forces were placed under critical infrastructure category and were asked to double down on their cyber infrastructure,” a senior government official said.
Sources said that the Indian Computer Emergency Response Team (Cert-In) had completed its “initial investigation” of the cyberattack on AIIMS and found several lapses in following the standard operating procedure prescribed for government departments which handle critical state-run infrastructure.
Some experts have also called for government departments to be held more accountable since they deal with a lot of sensitive personal data.
\"The government should mandate independent threat monitoring and response for all government departments. Most government departments are understaffed and under-skilled to monitor and respond to cyber breaches. This will put them at par with private companies and will facilitate early detection and investigation of cyber threats,\" said Amit Jaju, senior managing director at Ankura Consulting Group (India), which advises clients on areas such as cybersecurity risk management and finance.
Experts said healthcare data breaches will become more commonplace, especially in India.
Data from cybersecurity from CloudSEK reveals that the number of cyberattacks against the healthcare industry globally increased 95.34% in the first four months of 2022 compared with a year earlier.
The report said India saw the second-highest number of attacks worldwide, with a total of 7.7% of the total attacks on the healthcare industry in 2021. India accounted for 29.7% of all attacks in the Asia and Pacific region while China was the second most targeted country in the region with 21.6% recorded attacks in 2021, as per the report.
\"The challenge with healthcare is that there is extremely sensitive data of patients and hardly much of a focus on security,\" said Rahul Sasi, cofounder and CEO of CloudSEK.
The danger is not just about the personal data getting compromised.
\"Generally, a hacker will ask for money upon accessing data. But suppose the threat actor is not driven by monetary gains but is looking to misuse the data. In that case, it could be a dangerous proposition, especially in the context of espionage and cyber warfare,\" Sasi said.
Ishwar Prasad Bhat, CEO and founder of Necurity Solutions, said the number of cyberattacks could increase substantially going forward and may become more sophisticated.
\"Proper security audits, monitoring systems and processes need to be in place as the data, reputation and trust are all at stake,\" he said.
Healthcare information technology is an IT branch that helps develop, design, create and maintain information systems in hospitals, clinics and other healthcare facilities. In 2021, the global healthcare IT market was valued at $135.6 billion and was predicted to grow at a compound annual rate of 29.3% in ten years through 2030, according to Allied Market Research.
\"The exponential growth of the global healthcare IT market brought about due to the outbreak of the 2020 global pandemic has led to a significant rise in cyberattacks targeting the sector globally. Safeguarding the medical and financial information of patients emerged as a new challenge for healthcare companies,\" the report said.
The investigation into the AIIMS cyberattack<\/a> should also focus on the insider angle as many hacking groups offer bribes to an insider to facilitate the hack, said Jaju of Ankura Consulting.
<\/p><\/body>","next_sibling":[{"msid":95989325,"title":"Cyber attacks triple in last three years in India, but security funds underutilised","entity_type":"ARTICLE","link":"\/news\/cyber-attacks-triple-in-last-three-years-in-india-but-security-funds-underutilised\/95989325","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"95985499","title":"Cyberattacks on Indian healthcare firms","entity_type":"IMAGES","seopath":"tech\/technology\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety\/cyberattacks-on-indian-healthcare-firms","category_name":"AIIMS cyberattack rings alarm bells over e-infrastructure safety","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-243484\/95985499.cms?width=150&height=112","link":"\/image\/tech\/technology\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety\/cyberattacks-on-indian-healthcare-firms\/95985499"}],"msid":95989405,"entity_type":"ARTICLE","title":"AIIMS cyberattack rings alarm bells over e-infrastructure safety","synopsis":"India vulnerable as there is no law mandating regular healthcare infra audits, say experts.","titleseo":"telecomnews\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety","status":"ACTIVE","authors":[{"author_name":"Dia Rekhi","author_link":"\/author\/479241730\/dia-rekhi","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479241730.cms?width=100&height=100&hostid=268","author_additional":{"thumbsize":false,"msid":479241730,"author_name":"Dia Rekhi","author_seo_name":"dia-rekhi","designation":"Correspondent","agency":false}},{"author_name":"Aashish Aryan","author_link":"\/author\/479257742\/aashish-aryan","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479257742.cms?width=100&height=100&hostid=268","author_additional":{"thumbsize":false,"msid":479257742,"author_name":"Aashish Aryan","author_seo_name":"aashish-aryan","designation":"Special Correspondent","agency":false}}],"Alttitle":{"minfo":""},"artag":"ETtech","artdate":"2022-12-05 07:44:36","lastupd":"2022-12-05 07:45:22","breadcrumbTags":["aiims cyberattack","aiims","ransomware attack","india","ransomware attacks","safdarjung hospital","reserve bank of india","Internet"],"secinfo":{"seolocation":"telecomnews\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety"}}" data-authors="[" dia rekhi","aashish aryan"]" data-category-name="" data-category_id="" data-date="2022-12-05" data-index="article_1">
可能会有更多的此类攻击发生印度的数据基础设施得到进一步的整合和连接,专家说,世卫组织要求国家加强其防御这种威胁。
印度非常容易这样的攻击,尤其是在卫生机构由于没有法律规定定期审计对于医疗或监督一样,与支付的印度储备银行保持一个鹰眼组织和他们的安全水平,专家说等。
国家的经济还是市场机构或政府组织,一切都是一个目标和机构需要十分小心的保护数据,Harshil Doshi说:销售总监(印度和南亚区域合作联盟)Securonix安全信息和事件管理公司。
“全印度医学科学院医学研究所拥有非常敏感的个人健康信息的高层,可以用于间谍活动,“Doshi说。
“具体地说,如果它是一个民族国家发起攻击敌人的国家,他们可能会滥用这些信息发动网络战在印度一种不同的是一个像我们这样的国家,面临的一大风险”Doshi补充道。
后在IT部门的消息人士表示初始波的攻击宽松政策后对关键基础设施Covid-19封锁2021年,所有的政府部门已派出一个详尽的清单的注意事项。
“当时,几个政府部门如健康、科技、核电站和军队被放置在关键基础设施类别和被要求双网络基础设施,”一位高级政府官员说。
消息人士说,印度计算机紧急响应小组(、)已经完成了“初步调查”的网络攻击在全印度医学科学院,发现几个失误后政府部门的标准操作程序规定处理关键国有基础设施。
一些专家还呼吁政府部门举行更负责任,因为他们处理很多敏感的个人数据。
“政府应该要求所有政府部门独立威胁监视和响应。大多数政府部门人手不足和低技能监控和应对网络漏洞。这将让他们在与私营企业,并将促进网络威胁的早期检测和调查,“高级董事总经理Amit Jaju说Ankura咨询集团(印度),向客户提供网络安全风险管理和金融等领域。
专家表示,医疗数据违反将变得越来越普遍,尤其是在印度。
数据从网络安全CloudSEK表明对全球医疗行业网络攻击的数量增加了95.34%在2022年的前四个月与去年同期相比。
报告说,印度看到第二袭击全球,共有7.7%的总攻击2021年医疗行业。印度占了29.7%的攻击在亚洲和太平洋地区,中国是第二大目标的国家在该地区有21.6%记录攻击在2021年,根据该报告。
“挑战与医疗保健是非常敏感数据的患者,几乎没有太多的关注安全,“拉胡尔Sasi说CloudSEK的创始人和首席执行官。
危险不仅仅是个人数据得到妥协。
“一般情况下,黑客将访问数据时要钱。但假设威胁演员不是由货币收益但希望滥用数据。在这种情况下,它可能是一个危险的主张,特别是在间谍和网络战争的背景下,“Sasi说。
的创始人兼首席执行官Ishwar Prasad Bhat Necurity解决方案,未来说,网络攻击的数量可能会大幅增加,可能会变得更加成熟。
“适当的安全审计、监控系统和流程需要的数据,声誉和信任都是利害攸关的,”他说。
医疗卫生信息技术是一个IT部门,帮助开发、设计、创建和维护信息系统在医院、诊所和其他医疗保健设施。2021年,全球卫生保健IT市场价值1356亿美元,预计以29.3%的年复合增长率增长十年到2030年,根据联合市场研究。
“全球卫生保健IT市场的指数增长带来由于2020年全球爆发大流行导致了全球网络攻击瞄准行业显著上升。维护病人的医疗和财务信息成为新的挑战对于医疗保健公司,”该报告说。
的调查全网络攻击还应该关注内部角尽可能多的黑客组织提供贿赂促进黑客的内幕,说Jaju Ankura咨询。
The cyberattack on All India Institute of Medical Sciences<\/a>, which has paralysed the premier healthcare institution for two weeks now, has raised several concerns about the preparedness of the country to ward off similar or bigger-scale attacks on its critical infrastructure.
More such attacks could happen as India<\/a>'s data infrastructure gets further integrated and connected, said experts, who asked the country to strengthen its defence against such threats.
India is extremely prone to such attacks, especially on health organisations as there is no law that mandates regular audits for healthcare or a body to oversee the same, unlike with payments where the Reserve Bank of India<\/a> keeps a hawk eye on the organisations and their security levels, said experts ET spoke to.
According to reports, another top hospital in New Delhi — Safdarjung Hospital<\/a> — has also been a target of an attack<\/a> last week even though the severity of the attack has been less compared with the one that hit AIIMS<\/a>.
Whether it is the country’s economic or market institutions or government organisations, everything is a target and institutions need to be extremely careful in terms of protecting data, said Harshil Doshi, director of sales (India and Saarc) at security information and event management company Securonix.
\"AIIMS is a medical institute which holds very sensitive personal health information about the country’s top brass that could actually be used for espionage,” said Doshi.
\"Specifically, if it is a nation-state sponsored attack from an adversary nation, they can potentially misuse this information to wage a different kind of cyber warfare in India which is a big risk for a country like us,\" Doshi added.
Sources in the IT ministry said after the initial wave of attacks<\/a> on critical infrastructure following the easing of Covid-19 lockdowns in 2021, all the government departments had been sent an “exhaustive list of dos and don’ts”.
\"At that time, several government departments such as health, science and technology, nuclear power plants and the armed forces were placed under critical infrastructure category and were asked to double down on their cyber infrastructure,” a senior government official said.
Sources said that the Indian Computer Emergency Response Team (Cert-In) had completed its “initial investigation” of the cyberattack on AIIMS and found several lapses in following the standard operating procedure prescribed for government departments which handle critical state-run infrastructure.
Some experts have also called for government departments to be held more accountable since they deal with a lot of sensitive personal data.
\"The government should mandate independent threat monitoring and response for all government departments. Most government departments are understaffed and under-skilled to monitor and respond to cyber breaches. This will put them at par with private companies and will facilitate early detection and investigation of cyber threats,\" said Amit Jaju, senior managing director at Ankura Consulting Group (India), which advises clients on areas such as cybersecurity risk management and finance.
Experts said healthcare data breaches will become more commonplace, especially in India.
Data from cybersecurity from CloudSEK reveals that the number of cyberattacks against the healthcare industry globally increased 95.34% in the first four months of 2022 compared with a year earlier.
The report said India saw the second-highest number of attacks worldwide, with a total of 7.7% of the total attacks on the healthcare industry in 2021. India accounted for 29.7% of all attacks in the Asia and Pacific region while China was the second most targeted country in the region with 21.6% recorded attacks in 2021, as per the report.
\"The challenge with healthcare is that there is extremely sensitive data of patients and hardly much of a focus on security,\" said Rahul Sasi, cofounder and CEO of CloudSEK.
The danger is not just about the personal data getting compromised.
\"Generally, a hacker will ask for money upon accessing data. But suppose the threat actor is not driven by monetary gains but is looking to misuse the data. In that case, it could be a dangerous proposition, especially in the context of espionage and cyber warfare,\" Sasi said.
Ishwar Prasad Bhat, CEO and founder of Necurity Solutions, said the number of cyberattacks could increase substantially going forward and may become more sophisticated.
\"Proper security audits, monitoring systems and processes need to be in place as the data, reputation and trust are all at stake,\" he said.
Healthcare information technology is an IT branch that helps develop, design, create and maintain information systems in hospitals, clinics and other healthcare facilities. In 2021, the global healthcare IT market was valued at $135.6 billion and was predicted to grow at a compound annual rate of 29.3% in ten years through 2030, according to Allied Market Research.
\"The exponential growth of the global healthcare IT market brought about due to the outbreak of the 2020 global pandemic has led to a significant rise in cyberattacks targeting the sector globally. Safeguarding the medical and financial information of patients emerged as a new challenge for healthcare companies,\" the report said.
The investigation into the AIIMS cyberattack<\/a> should also focus on the insider angle as many hacking groups offer bribes to an insider to facilitate the hack, said Jaju of Ankura Consulting.
<\/p><\/body>","next_sibling":[{"msid":95989325,"title":"Cyber attacks triple in last three years in India, but security funds underutilised","entity_type":"ARTICLE","link":"\/news\/cyber-attacks-triple-in-last-three-years-in-india-but-security-funds-underutilised\/95989325","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"95985499","title":"Cyberattacks on Indian healthcare firms","entity_type":"IMAGES","seopath":"tech\/technology\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety\/cyberattacks-on-indian-healthcare-firms","category_name":"AIIMS cyberattack rings alarm bells over e-infrastructure safety","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-243484\/95985499.cms?width=150&height=112","link":"\/image\/tech\/technology\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety\/cyberattacks-on-indian-healthcare-firms\/95985499"}],"msid":95989405,"entity_type":"ARTICLE","title":"AIIMS cyberattack rings alarm bells over e-infrastructure safety","synopsis":"India vulnerable as there is no law mandating regular healthcare infra audits, say experts.","titleseo":"telecomnews\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety","status":"ACTIVE","authors":[{"author_name":"Dia Rekhi","author_link":"\/author\/479241730\/dia-rekhi","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479241730.cms?width=100&height=100&hostid=268","author_additional":{"thumbsize":false,"msid":479241730,"author_name":"Dia Rekhi","author_seo_name":"dia-rekhi","designation":"Correspondent","agency":false}},{"author_name":"Aashish Aryan","author_link":"\/author\/479257742\/aashish-aryan","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479257742.cms?width=100&height=100&hostid=268","author_additional":{"thumbsize":false,"msid":479257742,"author_name":"Aashish Aryan","author_seo_name":"aashish-aryan","designation":"Special Correspondent","agency":false}}],"Alttitle":{"minfo":""},"artag":"ETtech","artdate":"2022-12-05 07:44:36","lastupd":"2022-12-05 07:45:22","breadcrumbTags":["aiims cyberattack","aiims","ransomware attack","india","ransomware attacks","safdarjung hospital","reserve bank of india","Internet"],"secinfo":{"seolocation":"telecomnews\/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety"}}" data-news_link="//www.iser-br.com/news/aiims-cyberattack-rings-alarm-bells-over-e-infrastructure-safety/95989405">
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动