Current:Home > ScamsCyberattacks on hospitals thwart India's push to digitize health care-InfoLens
Cyberattacks on hospitals thwart India's push to digitize health care
View Date:2024-12-23 14:14:02
In late November, as a thick layer of smog settled on the All India Institute of Medical Sciences in New Delhi, patients began to experience extended wait times. Long lines snaked along the vast building and backed up for several yards.
Computers at the hospital had stopped working, so medical reports could not be generated. Though patients were still being treated, paper bills were being handed out. After a few days, people who feared that traveling back home would be too expensive began to sleep under a nearby overpass to wait it out.
A massive cyberattack had compromised the health data of millions of patients, from those who live in extreme poverty to high-profile politicians, bureaucrats and judges.
The Delhi Police had a bigger problem at hand. They were in possession of an email that read, "What happened? Your files are encrypted? What is the price to repair? The price depends on how fast you can pay to us," reported news sources.
The Delhi police initially denied reports of a ransom demand. But they later confirmed that the servers at AIIMS were attacked and data was being held for ransom. Police sources were quoted as saying the attack originated from China and Hong Kong.
Two weeks later, servers at AIIMS are just now limping back to normal.
A digital health ID for every Indian
Cybersecurity experts express larger concerns.
Because India does not have robust cybersecurity systems or strong data protection laws, the breach has made observers uneasy about Prime Minister Narendra Modi's ambitious plan to digitize the health records of all Indians.
In 2020, most people around the world were just hearing about COVID-19. Indians were forced into a sudden lockdown, and no one knew when vaccines or a semblance of normal life would return.
Against that backdrop, Modi announced that every Indian would get a health ID under the National Digital Health Mission: "Your every test, every illness, what doctors prescribed and when, your reports will be on a single health ID."
These health records can be accessed by health-care professionals only after the informed consent of the ID holder, Modi clarified.
Cybersecurity experts are doubtful about getting informed consent as that concept is relatively new in the country. "Citizens being forced to get a health ID and digitize their health records without the right safeguards is making them vulnerable," says Srinivas Kodali, a technology expert and researcher with Free Software Movement of India. "With plans for ubiquitous sharing of health records across hospitals, doctors, insurance agencies and health tech firms, Indians' health data is expected to be more prone to leaks, data breaches and exploitation," he adds.
More than 170,000 hospitals across the country have signed up for the National Digital Health Mission already. Registration is mandatory for government-run hospitals.
Right across from AIIMS is another massive government-run hospital, where thousands of people line up for treatment. Around the same time that AIIMS reported the ransomware attack, Safdarjung Hospital also reported a cyberattack that incapacitated its servers for a day. Data was not breached and the servers were restored quickly.
Currently, the safety of a patient's data will depend on how safe the hospital servers are. Under the National Digital Health Mission, all hospitals will be responsible for storing and protecting the patient data they collect. Patients at Safdarjung were merely lucky that their data was not breached.
Kodali says if there is a plan to have one unique national health ID, then the cybersecurity of the such massive amounts of data should be the responsibility of the government. "To expect hospitals to deal with their own cybersecurity is like asking an IT professional to medically operate on himself," he says.
In a 2022 white paper, the artificial intelligence company CloudSEK said that cyberattacks on the global health care industry rose by more than 95% compared to last year. Attacks mostly occurred on systems in the U.S., followed by India.
Cyberthreats loom
Observers warn against large-scale digitization before necessary checks are in place. "In large systems, digitalization can bring in efficiencies, but it also creates the possibility of disruption to information flows with cascading impacts for society," says Anita Gurumurthy, director of the non-profit IT for Change, which works on tech policy and human rights.
Indian authorities agree that the country is facing increasing cyberthreats. The Indian Computer Emergency Response Team (CERT-IN), the national cybersecurity watchdog, noted a 51% increase in the number of ransomware attacks, including on critical infrastructure, from the year before.
In the absence of a personal data protection bill, as well as a law governing the digital health ecosystem, Gurumurthy says, the regulatory system is not conducive to maintaining large data sets.
In addition, users' lack of awareness about cyber risks and the use of old, legacy technologies contribute to vulnerability, according to Rajeswari Pillai Rajagopalan, director of the Centre for Security, Strategy and Technology (CSST) at the think tank Observer Research Foundation. "India also needs to study the evolving tactics, techniques and procedures [TTPs] of hackers and criminals to be able to prevent these attacks. India will pay a serious price if it is seen as an easy target."
veryGood! (599)
Related
- Who will save Florida athletics? Gators need fixing, and it doesn't stop at Billy Napier
- The 2024 Met Gala Garden of Time Theme and Dress Code, Explained
- Matt Brown, who has the second-most knockouts in UFC history, calls it a career
- Real Madrid wins its record-extending 36th Spanish league title after Barcelona loses at Girona
- What is best start in NBA history? Five teams ahead of Cavaliers' 13-0 record
- 'Will Palestine still exist when this war is over?' My answers to my children's questions.
- 'It's one-of-a-kind experience': 'Heeramandi' creator Sanjay Bhansali on why series is a must-watch
- Megan Fox Ditches Jedi-Inspired Look to Debut Bangin' New Hair Transformation
- ‘Heretic’ and Hugh Grant debut with $11 million, but ‘Venom: The Last Dance’ tops box office again
- Vegas Golden Knights force Game 7 vs. Dallas Stars: Why each team could win
Ranking
- Officer injured at Ferguson protest shows improvement, transferred to rehab
- The Daily Money: Should bridesmaids go broke?
- Russia calls France leader Macron refusing to rule out troops for Ukraine very dangerous
- Stay Bug- & Itch-Free with These Essentials for Inside & Outside Your Home
- Judge weighs the merits of a lawsuit alleging ‘Real Housewives’ creators abused a cast member
- Still no deal in truce talks as Israel downplays chances of ending war with Hamas
- After Roe, the network of people who help others get abortions see themselves as ‘the underground’
- 'Will Palestine still exist when this war is over?' My answers to my children's questions.
Recommendation
-
Sister Wives' Janelle Brown Details to Meri Why She Can't Trust Ex Kody and His Sole Wife Robyn
-
Where pro-Palestinian university protests are happening around the world
-
Anna Nicole Smith's 17-Year-Old Daughter Dannielynn Looks All Grown Up at the Kentucky Derby
-
Lando Norris earns 1st career F1 victory by ending Verstappen’s dominance at Miami
-
The charming Russian scene-stealers of 'Anora' are also real-life best friends
-
Shohei Ohtani gifts manager Dave Roberts toy Porsche before breaking his home run record
-
Stay Bug- & Itch-Free with These Essentials for Inside & Outside Your Home
-
Escaped zebra captured near Seattle after gallivanting around Cascade mountain foothills for days