New Delhi, June 28
The Indian healthcare sector has become a major target for cybercriminals, experiencing an average of 6,935 cyberattacks per week over the last six months, compared to 1,821 attacks per organisation globally, a new report revealed on Friday.
According to the cyber security provider Check Point Software Technologies, this trend highlighted the increased attack surface due to the rapid adoption of technologies such as electronic health records (EHRs), telemedicine, and Internet of Things (IoT) devices.
"The simplicity of spoofing email addresses and the capability to deliver weaponised content make email a powerful tool for spreading malware, stealing credentials, and executing social engineering attacks," said Sundar Balasubramanian, MD for India and SAARC at Check Point Software Technologies.
"Check Point urges users to avoid opening unverified email attachments, use strong passwords, enable multi-factor authentication, and exercise caution with unsolicited or suspicious emails," he added.
Following healthcare, the most attacked industries in India include education/research (6,244 attacks), consulting (3,989 attacks), and government/military (3,618 attacks), the report mentioned.
The report also highlighted that Indian organisations, on average, were targeted 2,924 times per week over the past six months, compared to 1,401 attacks per organisation globally.
The most prevalent malware in India was 'FakeUpdates', accompanied by other malicious software such as 'botnets’ and a Remote Access Trojan (RAT) named ‘Remcos'.
Information disclosure was the most commonly exploited vulnerability in India, affecting 72 per cent of organisations, followed by Remote Code Execution impacting 62 per cent, and Authentication Bypass affecting 52 per cent.
In the last 30 days, 63 per cent of malicious files in India were delivered via email, while 37 per cent were delivered through the web.
Notably, 58 per cent of the top malicious files delivered via email were executable files, while 59 per cent of malicious files delivered via the web were PDF files, the report said.
"Preventive measures, such as regular software updates, employee training, and the deployment of advanced security solutions, are essential to mitigate the growing threat landscape," Balasubramanian said.