Russian Hacker Group Phoenix Targets Indian Health Ministry’s Website, Claims Cyber-Security Firm CloudSEK

The pro-Russian hacker group called Phoenix allegedly compromised the HMIS Portal and had access to the data of employees and chief physicians of all the hospitals in the country, claimed the AI-driven cybersecurity company

Russian Hacker Group Phoenix Targets Indian Health Ministry’s Website, Claims Cyber-Security Firm CloudSEK
Representational Image (Photo Credit: PTI)

New Delhi, March 16: Cyber-security researchers from CloudSEK have claimed that a Russian hacker group targeted the Indian Health Ministry website and infiltrated its Health Management Information System (HMIS).

The pro-Russian hacker group called Phoenix allegedly compromised the HMIS Portal and had access to the data of employees and chief physicians of all the hospitals in the country, claimed the AI-driven cybersecurity company. India Highest Attacked Country by Hackers in Asia in 2022: Report.

According to CloudSEK's contextual AI digital risk platform XVigil, "the motive behind this target was the sanctions imposed against the Russian Federation where Indian authorities decided not to violate the sanctions as well as comply with the price ceiling for Russian oil approved by G7 countries".

"This decision resulted in multiple polls on the telegram channel of the Russian Hacktivist Phoenix asking the followers for their votes," it added. According to security researchers, the Russian threat actors may sell exfiltrated license documents and personal identifiable information (PII) on cybercrime forums and conduct document fraud using PII and license documents.

Active since January 2022, the Russian hacktivist group Phoenix was observed using social engineering techniques to lure the victims in a phishing scam thereafter stealing the passwords and gaining access to its victims' bank or e-payment accounts. GoDaddy Phishing Attack: Web Hosting Platform Says Hackers Stole Source Code, Installed Malware.

"The group has conducted a series of DDoS attacks against multiple entities in the past," said the report. Phoenix has also engaged in hardware hacking, unlocking lost or stolen iPhones and reselling them in Kiev and Kharkiv through a network of controlled outlets.

The Russian Hactivist group has earlier attacked hospitals based in Japan and the UK, along with a US-based healthcare organisation serving the US military, said the report. Late last year, the All India Institute of Medical Sciences (AIIMS) in Delhi became the victim of a massive ransomware attack where Chinese involvement was suspected.

Sensitive data of at least 40 million patients, including political leaders and other VIPs, were potentially compromised in the hacking. The attack was analysed by the Indian Computer Emergency Response Team (CERT-In) and was found to have been caused by improper network segmentation.

Another top hospital in the national capital, the Safdarjung Hospital, was also hit by cyber-criminals. However, the hacking attack on the Safdarjung Hospital was not as severe as the AIIMS-Delhi faced and the chances of data leak were less as major part of hospital work runs on manual mode.

(The above story first appeared on LatestLY on Mar 16, 2023 12:07 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).


You Might Also Like

Crypto Theft 2024: Hackers Steal Over USD 12.7 Billion Worth Cryptocurrencies This Year Across More Than 1,000 Heists Till Date, Says Report

NBA Christmas Day Games 2024: Warriors vs Lakers, 76ers vs Celtics Headline Mega Fixtures on Festive Season

Year-Ender 2024: From ‘Furiosa A Mad Max Saga’ to ‘Joker Folie a Deux’, 10 Most Shocking Box-Office Bombs From Hollywood and Whether These Movies Deserved To Fail!

Cybercriminals Target YouTube Creators by Sending Fake Brand Collaboration Offers To Distribute Malware Disguised As Legitimate Document: Report

Share Us