New Delhi: Cybersecurity company CloudSEK’s AI digital risk platform XVigil on Wednesday detected a group of Russian-born threat actors claiming to have targeted the health management information system of India’s Ministry of Health.
Access to the staff directory and chief physicians of all Indian hospitals is likely to have been jeopardized. This raises the possibility of exfiltration of license documents and personally identifiable information being sold on cybercrime forums on the dark web.
It was inferred that the attack was a result of India agreeing to G7 nations’ price caps and sanctions on Russian oil.
Since healthcare systems are critical infrastructure, any interruption or interference can have serious consequences. In November, AIIMS faced a cyberattack that crippled its servers, potentially putting the health records and sensitive data of 30 to 40 million patients at risk.
According to a report by the Ponemon Institute, a group of experts that tracks privacy and information technology issues, the average cost of a healthcare data breach is estimated to be $7.13 million, higher than the average cost of a breach in other industries.
In addition, cyberattacks on healthcare systems can have indirect costs, in the form of costs for healthcare services that are unavailable or delayed as a result of system outages or operational disruptions. These expenses can affect patient treatment and have a long-term financial and health impact.
Phoenix, a ‘hacktivist’ group, previously used social engineering techniques to trick victims into falling for phishing scams to acquire their passwords and gain access to their bank and payment accounts.
The group is famous for carrying out DDoS attacks on various nation-states and departments, as well as being active in hacking hardware to resell it in Kyiv and Kharkiv through a network of controlled outlets.
The group has a history of attacking hospitals in Japan and the UK, US-based healthcare organizations that serve the US military, and the Spanish Ministry of Foreign Affairs, among others.
In the case of Phoenix, the alleged involvement of a foreign state-sponsored hacking group makes the situation even more worrisome, as it raises questions about international cybersecurity standards and the potential for cyberwarfare.
The incident highlights the need for increased vigilance and security measures to protect critical infrastructure and sensitive information from cyber threats. It also underlines the importance of international cooperation to address cyber attacks and ensure global cybersecurity.