Over seven million cyber attacks were recorded on the Indian healthcare sector, including vaccine makers and hospitals, between October 1 and November 25, according to a report by the CyberPeace Foundation. These attacks were recorded on the healthcare sector-based Threat Intelligence Sensors network specifically simulated in India. The network identified a total of 54,34,825 attacks in October, and 16,43,169 attacks in November.
During the COVID-19 pandemic, “many ransomware attacks have taken place in the healthcare sector, starting from April 2020,” the Foundation said. “Attackers have also targeted the medical manufacturing sector, billing system etc through ransomware. The most common ransomware that has been seen during this COVID-19 situation is ‘NetWalker ransomware’, ‘PonyFinal ransomware’, ‘Maze ransomware’ etc.,” it added.
The most vulnerable systems are ones that are unmonitored and facing the internet, including those having Remote Desktop Protocol (RDP) enabled, or old Windows server platforms. RDP is utilised to use desktop computers remotely, i.e., allowing for a faraway desktop computer to be used from a separate computer.
CyberPeace Foundation also identified many cyberattack attempts – including brute force and masquerading as spear-phishing – as state-backed Russian and North Korean hackers trying to steal valuable data from leading pharmaceutical companies and vaccine researchers. “Most of the targets located in Canada, France, India, South Korea and the United States were directly involved in researching vaccines and treatments for COVID-19,” the Foundation added.
CyberPeace Foundation is a civil society organisation and think tank that works on building resilience against cybercrimes and global threats of cyber warfare. The key areas it works on are technology governance, policy review and advocacy, capacity and capability creation, via partnerships with government as well as civil society organisations and academic institutions.