A recent report states that Indian healthcare institutions face a total of 8,614 cyberattacks every week. That is more than four times the global average and over double the amount faced by any other industry in India.
If the feeling was in the air before, the numbers leave no doubt; India’s healthcare sector is an irresistible target for today’s attackers.
Indian Healthcare Leads the Pack in Rising Cybercrime Victims
One India-based security firm reported a 20% rise in cybercrime rates among their Indian clients in 2024. The healthcare and banking, financial services, and insurance (BFSI) sectors were two of the hardest hit, with “100 per cent of monitored healthcare websites encountering bot-driven attacks.” In addition, small and medium-sized entities experienced 236% more Distributed Denial of Service (DDoS) attacks than their larger counterparts.
The Data Security Council of India’s Cyber Threat Report 2025 also noted the trend, stating that the Indian healthcare sector accounted for nearly 22% of all attacks last year. This is up 8 percentage points from 2023, a significant climb.
Diagnosing India’s Cyber Health Problem
In many ways, the healthcare sector, anywhere you go, is simply difficult to protect.
Ransomware
The life and death scenarios playing out every day in hospitals and medical groups make them especially willing to play ball. When attackers hit these institutions with ransomware, they knock critical systems offline. Downtime to a healthcare organization can mean more than bad press and loss of revenue – it can mean loss of life. Knowing this, attackers hit healthcare where it hurts, and Indian organizations are no exception.
Medical IoT (MIoT)
Medical IoT devices are an especially attractive target for today’s AI-powered threat actors. While combining artificial intelligence and MIoT can be done for productive purposes, it also introduces unseen vulnerabilities into the mix. The Medical IoT environment is susceptible enough as it is, being historically light on security. A breach of one of these devices could siphon patient data at best; stop a heart monitor or infusion pump at worst.
Telehealth Adoption
The convenience of being able to see your doctor anytime, anywhere, comes with a price. The cost of that connectivity is vulnerability to internet-based attacks from snooping cybercriminals looking to siphon patient data. Consulting firm Deloitte warns healthcare organizations to “watch out for location-based cues that may signal a cyber threat.”
India – A Country Still in Its Cybersecurity Growth Stage
While these problems are prescient, they “come with the territory” for healthcare providers all over the world. However, coupled with a country-wide cybersecurity culture that is still in development, Indian healthcare providers become especially easy targets for repeat cybercriminal attacks.
Legacy systems
Although the country has been steadily improving its rankings in global technology indices, India still has room for the development in healthcare technology – and the technology that protects it. As stated in India Today, “Many of the Indian healthcare systems rely on outdated legacy technology, making them more susceptible to attacks, and limited financial resources to upgrade security further exacerbate the issue.”
Cyber Maturity
A lack of cyber maturity and available cybersecurity experts also leaves the Indian healthcare sector exposed. Small to mid-size companies in the country suffer especially hard from these limitations, as relatively weaker security infrastructure and limited access to fully staffed SOCs makes them less able to fend off attacks.
Regulations
Currently, there is no nation-wide, unifying cybersecurity law on the books for India, nor is there a healthcare-specific cybersecurity regulation. To fill these gaps, the Information Technology Act (IT Act), Sensitive Personal Data or Information Rules (SPDI Rules), and Digital Personal Data Protection Act (DPDP Act) (yet to be enforced) are in place.
Looking forward, the Data Security Council of India has recently joined forces with the Healthcare Information and Management Systems Society (HIMSS) to conduct an analysis of India’s cybersecurity posture at the national level.
Real-World Impact on Indian Healthcare – and Health
While the rising attack rates are damaging enough, nothing communicates the criticality of India’s healthcare security situation like a real-world incident.
AI-Driven Ransomware Attack
In August of last year, an Indian healthcare provider specializing in AI advancements was hit by an AI-driven ransomware attack. It started with a phishing email, and when a hospital administrator clicked the attachment, the AI-infused malware began to encrypt the organization’s sensitive data – starting at the most critical.
The result was swift and impactful. Patient admission was impacted, medical procedures were delayed, and surgeries had to be re-routed to other facilities. Key data was encrypted, and electronic patient records and billing data were unavailable due to a state of heightened risk. Although the company ultimately chose to work with law enforcement and not pay the ransom, damage was done to patient information, patient trust, and patient health.
From Deleted Data to Death Threats
Another instance the following month again challenged the Indian healthcare sector’s ability to respond. In September 2024, Chennai-based Star Health Insurance was the victim of a malicious cyber incident in which the sensitive data of 31 million patients was compromised and offered for sale on a custom website.
While disastrous to the patients involved, this would be typical of any other healthcare-targeting ransomware incident if not for the actions to follow. The attacker, ‘xenZen,’ claimed to have been sold the data directly by the provider, a move that Star Health claimed to be calculated to “incite panic.”
In March of this year, the same attacker mailed two packages containing bullet cartridges in an unveiled threat to the company’s CEO and CFO. A possible instance of hacktivism, xenZen claimed to have acted after hearing of customers’ denied medical claims.
These attacks illustrate the obvious; the stakes are rising for India’s healthcare companies and the patients – and executives – involved.
Best Practices for Healthcare Cyber Defense
In light of the specific challenges faced by India’s healthcare sector, security solutions that force-multiply current resources and focus on compliance are key.
- Ransomware Defense: With Fortra Ransomware Defense, hard-hit healthcare providers can leverage a suite of best-in-class solutions for early detection and malware prevention.
- Anti-Phishing: Most traditional email solutions – the ones a struggling hospital might invest in – can’t detect advanced attacks like phishing, business email compromise (BEC), and AI-infused social engineering. Fortra Cloud Email Security, an Integrated Cloud Email Security (ICES) solution, can.
- Brand Protection: Fortra Takedown Services like Managed Digital Risk Protection provides internet-scouring support for when lies or leaks appear around your healthcare organization. When dealing with patient health, nothing is more important than patient trust.
- Medical IoT Defense: The best way to ensure your MIoT devices are secure for use is to put them to the test. Fortra Application Security Testing and Fortra Offensive Security solutions like Fortra Vulnerability Management, Fortra Core Impact (penetration testing), and Fortra Cobalt Strike (red teaming) can vet critical devices and come in managed options for a lighter in-house load.
Conclusions
India’s healthcare sector has every problem that other healthcare sectors have, and many that they don’t. The country has a cybersecurity maturity level that is still in development. The paint has yet to dry on solid, established cybersecurity initiatives that are geared toward each sector and have passed the tests of time. Geopolitical tensions run high, and technological adoption is moving at breakneck speed.
And then there are all the problems specific to data-laden, availability-driven, compliant-dependent healthcare systems in general.All these combine to create the perfect storm for India’s healthcare organizations.
One thing is certain. Now is the time to bring awareness to the fact that global scammers have zeroed in on this particular country, and this particular sector, at this particular time. It is the time to draw attention to the fact that the Indian healthcare system takes home four times more attacks per week than the worldwide average – and find out why.
And it’s the time for India to respond with awareness, employee training, meaningful cybersecurity investments, and leveled-up cyber capabilities of their own. No matter the cost, the well-being of their people - and their patients - depends on it.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor and do not necessarily reflect those of Fortra.
