1. Home
  2. Hackers attack Indian healthcare website, steal 68 lakh records

Hackers attack Indian healthcare website, steal 68 lakh records

Agencies
August 22, 2019

In a startling revelation, US-based cyber security firm FireEye said on Thursday that hackers broke into a leading India-based healthcare website, stealing 68 lakh records containing patient and doctor information.

Without naming the website, FireEye said cyber criminals -- mostly China-based -- are directly selling data stolen from healthcare organisations and web portals globally including in India in the underground markets.

"In February, a bad actor that goes by the name "fallensky519" stole 6,800,000 records associated with an India-based healthcare website that contains patient information and personally identifiable information (PII), doctor information and PII and credentials," FireEye said in its report shared with media.

Between October 1, 2018 and March 31, 2019, FireEye Threat Intelligence observed multiple healthcare-associated databases for sale on underground forums, many for under $2,000.

FireEye said it continues to witness a concerted focus on acquiring healthcare research by multiple Chinese advanced persistent threat (APT) groups.

"In particular, it is likely that an area of unique interest is cancer-related research, reflective of China's growing concern over increasing cancer and mortality rates, and the accompanying national health care costs," the cyber security agency noted.

Open source reports indicate that cancer mortality rates have increased dramatically in recent decades, making cancer China's leading cause of death.

As the People's Republic of China (PRC) continues to pursue universal healthcare by 2020, controlling costs and domestic industry will surely affect the PRC's strategy to maintain political stability," said the FireEye report.

Another probable motivation for APT activity is financial: the PRC has one of the world's fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms, especially those that provide oncology treatments or services.

"Targetting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors," the report claimed.

In early April this year, suspected Chinese cyber espionage actors targeted a US-based health center-with a strong focus on cancer research - with "EVILNUGGET" malware.

APT22 - a Chinese group that has focused on biomedical, pharmaceutical, and healthcare organizations in the past, and continues to be active - also targeted this same organization in prior years.

In the same month, several researchers at the MD Anderson Cancer Research were dismissed following concerns over theft of medical research on behalf of the Chinese government.

One theme FireEye has observed among Chinese cyber espionage actors targeting the healthcare sector is the theft of large sets of personally identifiable information (PII) and Protected Health Information (PHI).

Beyond Chinese-nexus groups, FireEye Intelligence has observed a wide variety of other cyber espionage and nation state actors involved in targeting the healthcare sector, including Russia-nexus APT28.

"The valuable research being conducted within some of these institutions continues to be an attractive target for nation-states seeking to leapfrog their domestic industries," the report emphasised.

As biomedical devices increase in usage, the potential for them to become an attractive target for disruptive or destructive cyber attacks - especially by actors willing to assume greater risk - may present a more contested attack surface than today," said the report.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 19,2020

Denser places, assumed by many to be more conducive to the spread of the coronavirus that causes COVID-19, are not linked to higher infection rates, say researchers.

The study, led by Johns Hopkins University, published in the Journal of the American Planning Association, also found that dense areas were associated with lower COVID-19 death rates.

"These findings suggest that urban planners should continue to practice and advocate for compact places rather than sprawling ones, due to the myriad well-established benefits of the former, including health benefits," says study lead author Shima Hamidi from Johns Hopkins Bloomberg School of Public Health in the US.

For their analysis, the researchers examined SARS-CoV-2 infection rates and COVID-19 death rates in 913 metropolitan counties in the US.

When other factors such as race and education were taken into account, the authors found that county density was not significantly associated with county infection rate.

The findings also showed that denser counties, as compared to more sprawling ones, tended to have lower death rates--possibly because they enjoyed a higher level of development including better health care systems.

On the other hand, the research found that higher coronavirus infection and COVID-19 mortality rates in counties are more related to the larger context of metropolitan size in which counties are located.

Large metropolitan areas with a higher number of counties tightly linked together through economic, social, and commuting relationships are the most vulnerable to the pandemic outbreaks.

According to the researchers, recent polls suggest that many US citizens now consider an exodus from big cities likely, possibly due to the belief that more density equals more infection risk.

Some government officials have posited that urban density is linked to the transmissibility of the virus.

"The fact that density is unrelated to confirmed virus infection rates and inversely related to confirmed COVID-19 death rates is important, unexpected, and profound," said Hamidi.

"It counters a narrative that, absent data and analysis, would challenge the foundation of modern cities and could lead to a population shift from urban centres to suburban and exurban areas," Hamidi added.

The analysis found that after controlling for factors such as metropolitan size, education, race, and age, doubling the activity density was associated with an 11.3 per cent lower death rate.

The authors said that this is possibly due to faster and more widespread adoption of social distancing practices and better quality of health care in areas of denser population.

The researchers concluded that a higher county population, a higher proportion of people age 60 and up, a lower proportion of college-educated people, and a higher proportion of African Americans were all associated with a greater infection rate and mortality rate.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 26,2020

New Delhi, Jan 26: Google on Sunday marked India's 71st Republic Day by dedicating a doodle illustrating the country's rich cultural heritage that permeates and unites the diverse nation.

From its world-famous landmarks like the Taj Mahal and India Gate, to the wide array of fauna such as its national bird (the Indian peafowl), to classical arts, textiles, and dances, the doodle, designed by Singapore-based artist Meroo Seth, brings together the rich cultural heritage of the country.

Republic Day marks the completion of India's transition towards becoming an independent republic after its constitution came into effect. The governing document had taken nearly three years of careful deliberation to finalise, and its eventual enactment was joyfully celebrated across the country.

While the Constitution was adopted by the Indian Constituent Assembly on 26 November 1949, it came into effect on January 26 -- a day when Declaration of Indian Independence (Purna Swaraj) was proclaimed by the Indian National Congress back in 1929, as opposed to the Dominion status offered by the British Regime.

Festivities embody the essence of diversity found in one of the world's most populous nations, celebrated over a three-day period with cultural events displaying national pride.

Last year's doodle on Republic Day, designed by artist Reshidev RK, had featured Rashtrapati Bhavan in the background along with a display of the country's iconic monuments and heritage.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 19,2020

Cybersecurity researchers on Monday warned of a Trojan malware campaign which is targeting India's co-operative banks using COVID-19 as a bait.

Seqrite, the enterprise arm of IT security firm Quick Heal Technologies, detected the new wave of Adwind Java Remote Access Trojan (RAT) campaign.

Researchers at Seqrite warned that if attackers are successful, they can take over the victim's device to steal sensitive data like SWIFT logins and customer details and move laterally to launch large scale cyberattacks and financial frauds.

According to the researchers, the Java RAT campaign starts with a spear-phishing email which claims to have originated from either the Reserve Bank of India or a nationalised bank.

The content of the email refers to COVID-19 guidelines or a financial transaction, with detailed information in an attachment, which is a zip file containing a JAR based malware.

Upon further investigation, researchers at Seqrite found that the JAR based malware is a Remote Access Trojan that can run on any machine which has Java runtime enabled and hence it can impact a variety of endpoints, irrespective of their base operating system.

Once the RAT is installed, the attacker can take over the victim's device, send commands from a remote machine, and spread laterally in the network.

In addition, this malware can also log keystrokes, capture screenshots, download additional payloads, and extract sensitive user information, Seqrite said, adding that such attack campaigns can effectively jeopardise the privacy and security of sensitive data at the co-operative banks and result in large scale attacks and financial frauds.

To prevent such attacks, users need to exercise ample caution and avoid opening attachments and clicking on web links in unsolicited emails.

Banks should also keep their operating systems updated and have a full-fledged security solution installed on all the devices, Seqrite advised.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.