1. Home
  2. Hackers attack Indian healthcare website, steal 68 lakh records

Hackers attack Indian healthcare website, steal 68 lakh records

Agencies
August 22, 2019

In a startling revelation, US-based cyber security firm FireEye said on Thursday that hackers broke into a leading India-based healthcare website, stealing 68 lakh records containing patient and doctor information.

Without naming the website, FireEye said cyber criminals -- mostly China-based -- are directly selling data stolen from healthcare organisations and web portals globally including in India in the underground markets.

"In February, a bad actor that goes by the name "fallensky519" stole 6,800,000 records associated with an India-based healthcare website that contains patient information and personally identifiable information (PII), doctor information and PII and credentials," FireEye said in its report shared with media.

Between October 1, 2018 and March 31, 2019, FireEye Threat Intelligence observed multiple healthcare-associated databases for sale on underground forums, many for under $2,000.

FireEye said it continues to witness a concerted focus on acquiring healthcare research by multiple Chinese advanced persistent threat (APT) groups.

"In particular, it is likely that an area of unique interest is cancer-related research, reflective of China's growing concern over increasing cancer and mortality rates, and the accompanying national health care costs," the cyber security agency noted.

Open source reports indicate that cancer mortality rates have increased dramatically in recent decades, making cancer China's leading cause of death.

As the People's Republic of China (PRC) continues to pursue universal healthcare by 2020, controlling costs and domestic industry will surely affect the PRC's strategy to maintain political stability," said the FireEye report.

Another probable motivation for APT activity is financial: the PRC has one of the world's fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms, especially those that provide oncology treatments or services.

"Targetting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors," the report claimed.

In early April this year, suspected Chinese cyber espionage actors targeted a US-based health center-with a strong focus on cancer research - with "EVILNUGGET" malware.

APT22 - a Chinese group that has focused on biomedical, pharmaceutical, and healthcare organizations in the past, and continues to be active - also targeted this same organization in prior years.

In the same month, several researchers at the MD Anderson Cancer Research were dismissed following concerns over theft of medical research on behalf of the Chinese government.

One theme FireEye has observed among Chinese cyber espionage actors targeting the healthcare sector is the theft of large sets of personally identifiable information (PII) and Protected Health Information (PHI).

Beyond Chinese-nexus groups, FireEye Intelligence has observed a wide variety of other cyber espionage and nation state actors involved in targeting the healthcare sector, including Russia-nexus APT28.

"The valuable research being conducted within some of these institutions continues to be an attractive target for nation-states seeking to leapfrog their domestic industries," the report emphasised.

As biomedical devices increase in usage, the potential for them to become an attractive target for disruptive or destructive cyber attacks - especially by actors willing to assume greater risk - may present a more contested attack surface than today," said the report.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 21,2020

The World Health Organisation (WHO) on Saturday launched a Health Alert on WhatsApp where over 1.5 billion users can ask questions and they will be provided with reliable information about new coronavirus 24/7.

This will also serve government decision-makers by providing the latest numbers and situation reports, WhatsApp said in a statement.

To contact the WHO Health Alert, save the number +41 79 893 1892 in phone contacts, and then simply text the word 'Hi' in a WhatsApp message to get started.

The service responds to a series of prompts and will be updated daily with the latest information.

"You can also visit the WhatsApp Coronavirus Information Hub at whatsapp.com/coronavirus," and click on the WHO link on the homepage to open up a chat with the WHO Health Alert if you have WhatsApp installed," said the micro-blogging platform.

The WHO Health Alert will provide official information on topics such as how to protect yourself from infection, travel advice, and debunking new coronavirus myths.

The service is initially launching in English but will be available in all six languages within the coming weeks (English, Arabic, Chinese, French, Russian and Spanish.)

"Digital technology gives us an unprecedented opportunity for vital health information to go viral and spread faster than the pandemic. We are proud to have partners like Facebook and WhatsApp, that are supporting us in reaching billions of people with important health information," said Dr Tedros Adhanom Ghebreyesus, Director-General of the WHO.

The WHO Health Alert is the latest official NGO or government helpline to become available on WhatsApp, joining the Singapore Government, The Israel Ministry of Health, the South Africa Department of Health, and KOMINFO Indonesia.

Earlier this week, WhatsApp, in partnership with the World Health Organization, UNICEF, and UNDP, launched the WhatsApp Coronavirus Information Hub. The hub offers general tips and resources for users around the world to reduce the spread of rumours and connect with accurate health information.

WhatsApp also announced a $1 million grant to the International Fact Checking Network to support fact-checking for the #CoronaVirusFacts Alliance.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 30,2020

The GST Council is unlikely to make major changes in the indirect tax structure at its next meeting slated mid June.

A top government source said that the Centre is not in favour of increasing tax rates on any goods or service as it could further impact consumption and demand that is already suppressed due the COVID-19 pandemic and lockdown.

It was widely expected that the GST Council could consider raising tax rates and cess on certain non-essential items to boost revenue for states and the Centre. Several states have reportedly taken an over 80-90 per cent hit in GST collections in April, the official data for which has not yet been released by the Centre.

"The need of the hour is to boost consumption and improve demand. By categorising items into essential and non-essential and then raising taxes on non-essential is not what Centre favours. But, the issue on rates and relief will be decided by the GST Council that is meeting next month," the finance ministry official source quoted above said.

The GST Council is chaired by the Union finance minister and thus the views of the Centre play out strongly in the council meetings.

However, the Council will also have to balance the expectations of the states whose revenues have nosedived after the coronavirus outbreak and wide scale disruption to businesses while they have still not been paid GST compensation since the December-January period.

To the question of wider scale job losses in the period of lockdown as businesses get widely impacted, the official said that the Finance Ministry has asked the labour ministry to collect data on job losses during Covid-19 and is constantly engaging with the ministry to oversee job losses and salary cuts.

On restrictions put on Chinese investment in India, the official clarified that no decision had yet been taken to restrict China through the Foreign Portfolio Investment (FPI) route.

Asked about monetising government debt, the official said that the issue would be looked at when we reach a stage. It has not come to that stage yet.

In the government's over Rs 20 lakh crore economic package, the official defended its structure while suggesting that comparisons with the economic packages of other countries should not be drawn as India's needs were different from others.

"We have gone in more reforms that is needed to give strength to the economy. This is required more in our country," the official source said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 18,2020

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.