You are currently viewing Foreign Cyber Attack on Regional Cancer Center (RCC): Radiation Software Hacked  
Foreign Cyber Attack on Regional Cancer Center (RCC) Radiation Software Hacked

Foreign Cyber Attack on Regional Cancer Center (RCC): Radiation Software Hacked  

On Monday morning, a foreign cyber attack targeted the software used for radiation treatment at the Regional Cancer Center (RCC) in Thiruvananthapuram, Kerala. The RCC serves patients not only from Kerala but also from other states in India. The attack compromised critical systems, including servers storing health information and data related to surgical, radiation, and pathology results.  

The Attack – 

  • Hacking Radiation Software and Servers:  

The hackers successfully breached the radiation software responsible for administering radiation treatment to patients.  

Two key servers storing health information for over 20 lakh (2 million) people were also compromised.  

These servers contained crucial patient data, including surgical outcomes, radiation treatment details, and pathology reports.  

  • Sabotage and Threats:  

The attackers’ motive appears to be sabotage, as they disrupted the treatment and follow-up examinations of patients.  

If the radiation software is tampered with, patients could receive incorrect radiation doses, posing life-threatening risks.  

The hackers claimed responsibility and sent an email from abroad.  

They demanded cryptocurrency worth billions of rupees as ransom.  

  • Suspicion of Chinese and North Korean Involvement:  

Investigators suspect the involvement of Chinese and North Korean hackers.  

These state-sponsored groups are known for their cyber capabilities and have targeted critical infrastructure worldwide.  

  • Impact on Patients:  

Approximately 500 patients receive radiation treatment at RCC daily.  

Since the attack, radiation treatment has been halted, affecting patients’ health and well-being.  

The disruption highlights the vulnerability of healthcare systems to cyber threats.  

Response and Recovery – 

  • Data Recovery:  

The Cyber Police and Computer Emergency Response Team (CERT-K) took emergency measures to recover the compromised data.  

The extent of data loss will be determined through forensic examination.  

  • Investigation:  

Authorities have launched an investigation to identify the attackers and determine the attack’s origin.  

This incident marks the first such cyber attack on a government hospital in Kerala.  

  • Comparison to AIIMS Attack:  

In 2022, Delhi AIIMS faced a similar cyber attack using a virus sent via email from abroad.  

The attackers demanded a massive cryptocurrency ransom.  

Health information of prominent individuals, including former Prime Minister Manmohan Singh and Union Home Minister Amit Shah, was compromised.  

Conclusion – 

The RCC cyber attack underscores the urgent need for robust cybersecurity measures in healthcare institutions. As technology advances, hospitals must prioritize safeguarding patient data and critical systems against cyber threats. The incident serves as a wake-up call for all organizations to strengthen their defenses and stay vigilant in the face of evolving cyber risks.  

Remember, cyber attacks can have real-world consequences, affecting patient care and public health. Let’s work together to protect our critical infrastructure and ensure a safer digital future. 

In addition to the above, Healthcare Institutions can also work with cybersecurity experts to develop a comprehensive security plan that is tailored to their specific needs. Prime Infoserv LLP, a CERT-In empanelled security auditor is always ready to handle your security requirements with Governance, Risk and Compliance (GRC) services and Managed Security services (MSS).  

Write to us at info@primeinfoserv.com or contact us at +913340085677 for queries about implementing a proactive approach and safeguarding your critical data. Follow our Facebook page and Instagram page for more information about us. 

Leave a Reply