The cyber attack on the All India Institute of Medical Sciences (AIIMS) should set alarm-bells ringing, and loudly. Possibly for the first time, people witnessed the trouble that could be caused if someone, located in another country, for example, hacked the server of one of India’s premier institutions.

It’s like the opening scene in a Hitchcock film, where the audience gets a hint of trouble that could unravel later. Only, this is real life and it deals with real people — their lives, their data, finances, and so on. And, the trouble-maker could be a state-sponsored or non-state actor, not playing by the rules as we know it.

In 2020, two leading domestic drugmakers faced cyber attacks, barely weeks apart. According to media reports, healthcare in India faced about 1.9 million cyber attacks this year, till late November. That’s just India, and reported cases in healthcare.

Shifting geographies, this month, the American Hospital Association raised the issue of cyber security and support required from their government when faced with cyber attacks from hostile countries, that could hold patient data to ransom etc. This is not just a public health concern but a national security threat, they explain. In August, the UK witnessed a cyber attack on the NHS software that handled ambulances, patient appointments, emergency prescriptions, according to reports.

Drug regulators caution medical device makers and users on the pitfalls of online connectivity and outline measures to protect from cyber threats.

But there’s no putting the digital genie back in the bottle, as institutions in India and abroad push ahead with digital plans. However, there is a need to pause and consider multiple layers of security or even hybrid systems (involving standalone or manual systems) to protect patient data or financial details — for instance, from troublemakers equipped with the skills to pull the plug and harm an institution and country, in the process.

comment COMMENT NOW