Opinion | Asia is rapidly digitalising – is its cybersecurity up to scratch?
- As people, businesses and services in Asia increasingly operate online, regulatory frameworks to safeguard private data are proving inadequate
- Discrepancies in levels of protection across the region also highlight the need for a more unified approach
Just as 2022 bowed out, India’s capital experienced a major disruption to its healthcare services that had nothing to do with Covid-19.
On November 23, the All India Institute of Medical Sciences (AIIMS), India’s leading public health institute in New Delhi, was the victim of a cyberattack that left services in shambles. According to a media statement issued by AIIMS, the institute’s “e-Hospital” application run by the National Informatics Centre, a department of the Indian government, crashed.
Backup servers were affected as well. In addition to affecting outpatient and inpatient services at the hospital, other digital services were disrupted too, such as billing, report generation, appointments and lab analysis.
As of December 3, servers remained down for the 11th consecutive day, leading to serpentine queues and much confusion before online services were finally restored. A data breach of this nature is a nightmare, experts say, because it exposes the sensitive medical data of at least 30-40 million patients, roughly the population of Canada.
AIIMS Delhi also holds the medical data of senior bureaucrats in the Indian government. In an unrelated incident on November 30, the website of the Indian Council of Medical Research (ICMR), the country’s premium government-led biomedical research institute, allegedly came under attack as well – with 6,000 hacking attempts made in a single day.
These aren’t isolated incidents. The Indian healthcare industry has allegedly been the target of over 1.8 million cyberattacks (many of these failed attempts) in 2022 alone, as per data published by the think tank Cyber Peace Foundation.
