Researchers reported a 45% increase in cyberattacks on healthcare organisations worldwide between November and December. This makes it the most targeted sector by cybercriminals, according to Check Point Research, a firm that provides cyberthreat intelligence.
In India too, in the previous year, pharma biggies Dr Reddy’s Laboratories and Lupin reported incidents of cybersecurity breach that affected multiple internal IT systems. Sensitive data of lakhs of patients was reportedly accessible online, according to cybersecurity firm Hackrew.
There was a 37% increase in cyberattacks on healthcare organisations in the country during November and December, totalling 2,915 incidents. Of these, ransomware incidents showed the biggest increase, Omer Dembinsky of Check Point Software Technologies told TOI. What’s more alarming, the 45% surge in cybercrime globally in the healthcare sector is double the increase of such attacks on all other industries during the same period. Sectors outside of healthcare witnessed an increase of 22% in cyberattacks in the same period.
Though the spike in cyberattacks came in November-December, hospitals and healthcare organisations have been targeted by a rising wave of ransomware attacks throughout 2020. Experts believe that the major motivation for these attacks is financial, and/or to disrupt vital research operations.
KPMG India partner and head (cybersecurity) Atul Gupta said, “Cyberattacks have increased significantly. Attackers are very focused in targeting organisations/entities, which can maximise the commercial value of the attack. The current trend clearly indicates that the attackers go after data that can be of significant value, such as customer financial data, health records and intellectual property. Cybersecurity is a constantly moving target, with the attacker having an opportunity to exploit the smallest of potential weaknesses and, consequently, it’s critical for organisations to have a comprehensive cyber-programme with adequate technical controls deployed. Cyber should not be considered as technology risk only and it’s absolutely must for organisations to establish it as business risk with direct oversight from the board.”
Further, the use of test-and-track apps globally during the pandemic could also make individuals vulnerable to cyber-risks, industry experts say. Globally, the average number of weekly attacks in the healthcare sector reached 626 per organisation in November, compared with 430 in October, the data showed.
Ransomware is the biggest malware threat to healthcare organisations when compared to other industry sectors. These attacks against hospitals and related organisations may be particularly damaging because any disruption to their systems could affect their ability to deliver care. This endangers life — all this is aggravated with the pressures these systems are facing trying to cope with the global increase in Covid-19 cases, the research added.
Significantly, cybersecurity failure is ranked fourth as part of ‘clear and present danger’ over the short term (0-2 years), among the top risks of the next 10 years, according to the recently released Global Risks Report 2021 by the World Economic Forum.