In a startling revelation, US-based cyber security firm FireEye said on Thursday that hackers broke into a leading India-based healthcare website, stealing 68 lakh records containing patient and doctor information.
Without naming the website, FireEye said cyber criminals -- mostly China-based -- are directly selling data stolen from healthcare organisations and web portals globally including in India in the underground markets.
"In February, a bad actor that goes by the name "fallensky519" stole 6,800,000 records associated with an India-based healthcare website that contains patient information and personally identifiable information (PII), doctor information and PII and credentials," FireEye said in its report shared with IANS.
Between October 1, 2018 and March 31, 2019, FireEye Threat Intelligence observed multiple healthcare-associated databases for sale on underground forums, many for under $2,000.
FireEye said it continues to witness a concerted focus on acquiring healthcare research by multiple Chinese advanced persistent threat (APT) groups.
"In particular, it is likely that an area of unique interest is cancer-related research, reflective of China's growing concern over increasing cancer and mortality rates, and the accompanying national health care costs," the cyber security agency noted.
Open source reports indicate that cancer mortality rates have increased dramatically in recent decades, making cancer China's leading cause of death.
As the People's Republic of China (PRC) continues to pursue universal healthcare by 2020, controlling costs and domestic industry will surely affect the PRC's strategy to maintain political stability," said the FireEye report.
Another probable motivation for APT activity is financial: the PRC has one of the world's fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms, especially those that provide oncology treatments or services.
"Targetting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors," the report claimed.
In early April this year, suspected Chinese cyber espionage actors targeted a US-based health center-with a strong focus on cancer research - with "EVILNUGGET" malware.
APT22 - a Chinese group that has focused on biomedical, pharmaceutical, and healthcare organizations in the past, and continues to be active - also targeted this same organization in prior years.
In the same month, several researchers at the MD Anderson Cancer Research were dismissed following concerns over theft of medical research on behalf of the Chinese government.
One theme FireEye has observed among Chinese cyber espionage actors targeting the healthcare sector is the theft of large sets of personally identifiable information (PII) and Protected Health Information (PHI).]
Beyond Chinese-nexus groups, FireEye Intelligence has observed a wide variety of other cyber espionage and nation state actors involved in targeting the healthcare sector, including Russia-nexus APT28.
"The valuable research being conducted within some of these institutions continues to be an attractive target for nation-states seeking to leapfrog their domestic industries," the report emphasised.
As biomedical devices increase in usage, the potential for them to become an attractive target for disruptive or destructive cyber attacks - especially by actors willing to assume greater risk - may present a more contested attack surface than today," said the report.
Jiten accuses RO of West Parliamentary seat for being ‘biased’ in election process; writes ECI
The Leader of Opposition and also the CPI(M) state secretary Jitendra Chaudhury on Thursday accused the Returning Officer of the West Parliamentary constituency of the Lok Sabha Dr Vishal Kumar over his ‘discriminatory’ attitude towards the opposition parties.
MHA extends AFSPA in parts of Arunachal and Nagaland for 6 more months
The Ministry of Home Affairs (MHA) has extended the Armed Forces (Special Powers) Act (AFSPA) in certain districts of Nagaland and Arunachal Pradesh for another six months with effect from April 1, officials said on Thursday.
Arunachal was, is, and will remain an integral part of India: MEA
The Ministry of External Affairs (MEA) said on Thursday that China's repetitive claims on Arunachal Pradesh will not change India's position, and the northeastern state will remain an integral and inalienable part of India.
‘To browbeat and bully others is vintage Congress culture', says PM Modi on lawyers’ letter to CJI
Reacting to an open letter to the Chief Justice of India, D.Y. Chandrachud, which was signed by over 600 advocates on Thursday, Prime Minister Narendra Modi said that to "browbeat and bully others is the vintage culture of the Congress".
'Unacceptable, unwarranted': India again slams US' remarks on Arvind Kejriwal
Calling the US State Department's remarks on the arrest of Delhi Chief Minister Arvind Kejriwal "unwarranted", India on Thursday said that any such external imputation on the electoral and legal process is completely unacceptable.
Excise policy case: Delhi court extends CM Kejriwal's ED custody till April 1
CM Kejriwal, whose alleged role in the excise policy scam is being probed by the Enforcement Directorate (ED), was produced before Special Judge Kaweri Baweja of the Rouse Avenue Court on the expiry of his six-day ED remand on Thursday.
CM not above law, says ED as Kejriwal questions rationale behind his arrest
"The case has been going on for two years. The case was filed on August 17. No court has found me guilty. There are no charges against me nor has any case been filed against me. But I have been arrested," he said.
Ukrainian FM arrives in India to build on talks between PM Modi, Volodymyr Zelenskyy
In a first high-level visit by a Ukrainian leader since the start of hostilities with Russia in 2022, Kuleba began his two-day official visit at the invitation of External Affairs Minister S. Jaishankar.