MedPiper Technologies and JournoMed conducted a Webinar Series on “Digital Transformation in Healthcare” in association with IRIA Kerala, Hospex, Indian Junior Doctors Network, ISA Thrissur City Branch, IMA Thrissur and Instaclinik. The second-day webinar discussed the future of cybersecurity in Healthcare and What a doctor should know about Dark Web. The event was held on 23rd August 2022.
Mr Amit Dubey, a National Security Expert, Crime Investigator, Cyber Forensics, and Head of Red Teaming – Tech Mahindra spoke about the interesting things about cyber security. He is deeply involved in crime investigation cases for 14-15 years and the case studies are regarding doctors. He deep dived into the topics of how the hackers involve themselves in hacking and how they transform the digital world, though they remain in search of a source code for hacking which remains unavailable. According to their perspective, the entire world is a software program, and all humans are artificial intelligence plugins for them. The way any AI typical engine gets trained, humans also get trained with that sort of data point. Humans are the products of the data points since birth. The information that humans consume since birth, through upbringing, through parents, teachers and society, through education and nowadays through social media, humans eventually become the product of the data. Their intellect, weaknesses, vulnerability and aspirations depend on the data points around them. A criminal need to manipulate these decision-making capabilities while hacking anyone. The users are the ultimately vulnerable endpoints for hacking information through any device. All these standard hacking technologies were developed recently. A hacker usually gathers information through open sources. They either send links on the resource or social media platforms or opt for precise data servers. They utilize various technologies to grab information and they create attack vectors. The attack vector is the methodology through which they hack someone. If the hacker can recognize the vulnerability, weaknesses, and psychological issues and grab the sensitive information all these attack vectors are created accordingly.
Why do hackers choose doctors?
Hackers choose doctors as they possess very sensitive information about their patients and their day-to-day activities. Even individuals are vulnerable as they are busy performing day-to-day stuff. During pre-pandemic and post-pandemic times, many doctors became vulnerable to hacking. Even their social media platforms such as what’s an app, Gmail got hacked and thus created an impact to a greater extent. It is advisable not to attend to any fake calls or calls from unknown persons, as it might lead to the hacking of accounts. Call forwarding and conditional call forwarding are new technologies adapted by hackers these days. Not only doctors as individuals but even organizations like hospitals are prone to hacking as they don’t follow any strict security processes and there might be a breach of confidential information in a few situations. In many cases, the open Wi-Fi is not secured carefully. The very basic security checks are missing in every hospital. In any hospital, the hacker can hack a single system, then the entire servers and can manipulate the work very easily. This can also create a huge revenue loss and incurs reputation loss. Suddenly one feels the entire system is out of control. For this, one needs to work on proactive methods to protect against any hazardous attacks that can be any attacks such as ransomware attacks, spyware attacks, malware attacks, mals and trozens. A strong security policy and framework need to be established which enables to protect against any attacks. So individual attack is one thing and organizational attack is another thing. An individual attack can happen through any of the family members. Here, the awareness level can’t be the same for every family member. The vendors, third-party components and partners and the people who are engaged daily are more vulnerable in the case of an organizational attack. Security is a mutual responsibility; it cannot be achieved in isolation. The data that is being captured from google, what’s app and other social media is also vulnerable. The “Have I been pwned.com” link gives information regarding the hacked email ids and passwords. All the passwords and the data hacked will eventually end up on dark web.
A dark web is an area accessed by criminals for illegal selling and purchasing activities. Most e-commerce happens on the dark web. The dark web has a much larger interface than the normal web. The internet one access daily is just 3-4 % of the entire internet. 96% of the internet remains unexplored by any individual, out of which 6% is the dark web and 3% is the deep web. The dark web is designed in such a way that once identity remains unexposed and nobody can trace the information regarding the accessed user. As the user remains hidden, the worst will come out. It is said that people are intended to perform wrong things on the dark web such as Illegal drug trafficking, illegal arms trafficking, human trafficking, child pornography, exporting goods or hiring hackers, killers and terrorists. All these activities are prominent on Dark Web. It is always advisable for any user to create a two-factor authentication to maintain strict privacy protection.
People nowadays serve as prey for hackers as they are not aware of cybersecurity and the dark web. The users of the internet are more curious about quick and easy earning and most of them fall into the trap of hackers by scanning QR codes, answering anonymous calls etc. There are various ways followed by hackers to track individual or company accounts. There are situations where individuals lose a major amount which can’t be retained later. Several legal sections can be filed against hackers who are involved in cybercrime. Even, an anonymous complaint can be filed against the cybercrime to a ministry portal of affairs where one need not disclose their identity and can serve their purpose.