The Phoenix hacker group, which is a part of the pro-Russia hacker group Killnet, has claimed to have launched several cyberattacks on the Ministry of Health in India. The group has also claimed to have access to sensitive data on hospitals, staff, and chief physicians.
According to a post shared on its Telegram channel, the hacker collective claims to have gained unauthorized access to the systems of India’s Ministry of Health.
“It appears that this attack was a response to a poll conducted in the Killnet group, in which India was criticized for not condemning European nations’ sanctions against Russia. The attack seems to be a continuation of the discussion that took place in the group, highlighting the strong opinions and tensions around this issue,” read a tweet by @FalconFeedsio while sharing details of the security incident.
The Cyber Express has reached out to the Ministry of Health, India and is yet to receive a response regarding the claims made by the hacker collective.
Phoenix hacker/Killnet targets healthcare
The Killnet hacktivist group has targeted several healthcare centers in the past by launching Distributed Denial of Service (DDoS) attacks to halt services.
They have also conducted mass data exfiltration and targeted Ukraine supporters to show solidarity with Russia amid the ongoing Russo-Ukraine war.
Attacks on healthcare systems have also had severe consequences. The Southern Ohio Medical Center had to terminate systems linked to crucial services such as ambulances, patient appointments, medical records, and others including outpatient surgery after suffering a data breach that impacted its internal systems.
A USA Today report also noted a surge in cyberattacks on healthcare and the vulnerability of medical data.
Several analyses have revealed that hackers continue to attack hospitals to create urgency and make quick money at the cost of critical services, as disruption of medical services puts the lives of patients at risk.
Mitigation in healthcare cyberattacks
Children’s National Hospital in Washington has started an initiative called ‘Code Dark’ to address cyberattacks. This mitigation mechanism involves a system-wide switch that can be turned ‘off’, alerting staff to a malware or ransomware attack.
Even though hospitals are heavily dependent on data and accessing system files, Sophos’ research on hospital cyberattacks in 2022 said that healthcare is getting better at handling data breaches.
Most hospitals were able to use backup data despite files being encrypted after a ransomware attack. 99% of organizations that suffered a ransomware attack in 2022 managed to get their encrypted data back.
Out of all the targeted hospitals, 72% of the healthcare organizations were backing up their data, while 33% of respondents said they used their own means to regain access to their data.
These findings involved inputs from 5,600 IT professionals, including 381 in healthcare, from 31 countries.
The research showed that the healthcare sector was taking data privacy seriously and working towards ways to restore data despite cyberattacks. It also highlighted that in 2021, healthcare organizations that yielded to the ransom demands got back only 65% of their encrypted data.
NOTE: The above information is provided for informational purposes only and is yet to be verified by The Cyber Express. Any reliance on such information is at the user’s own risk. For any queries related to the content, please contact us at [email protected]. The Cyber Express will not be liable for any errors or omissions in the information provided, or for any actions taken by users based on such information until it is verified.