Hospitals store a huge amount of confidential patient data, making them vulnerable to hackers. These records are in the form of social security numbers, demographics, and financial and health information that can be monetised for nefarious purposes.
While putting networks behind strong firewalls is usually recommended, is it enough? A recent report indicates that hospitals remain far from secure.
According to a national daily, a team of experts from the National Forensic Sciences University (NFSU) was taken aback when it checked the logs of the ransomware files at a city hospital following a cyberattack a few months back. The EXE file still existed in the system.
“The latest attack was found to be of the ransomware of Phobos class, which has been around since 2018 and evolving continuously. According to our information, in the past month, there have been two major attacks on hospitals and a major pharma company. Of the three cases, an FIR has been filed for only one,” a senior cyber cell official was quoted as saying.
He added that companies were wary of reporting cyberattacks, fearing their reputation could be tarnished.
A cyber security expert told the daily that attackers used such tactics to cover a lot of ground. He said that if attackers control the root directory, even cyber security might not detect the virus.
Astonishingly, NFSU sources revealed that while the system appeared to function normally after the threat, the decryption of data, which poses a challenge, remained undetected.
The report said that the hospital administration has been advised to adopt cloud storage to safeguard against such incidents.
Sunny Vaghela, CEO of a city-based cyber safety firm, was quoted as saying, “They often threaten to release the data on the dark web or sell it for a price. Prevention is better than cure, and here also, the demand for penetration testing is on the rise. Firewall breaches and delayed activation of the ransomware ‘payload’ indicate that active cyber safety measures remained ineffective. There could be many reasons for it including pending system updates and the absence of a real-time warning.”