India’s healthcare system, long challenged by uneven access, limited capacity and rising costs, is now confronting a more insidious danger: cyberattacks. A recent industry report suggests that hospitals and health institutions in the country are weathering an average of 8,600 attacks each week—more than four times the global average. Healthcare alone accounts for nearly a fifth of all cyber incidents in India in the past year. The figures place it among the most vulnerable sectors of the economy, and reveal an uncomfortable truth: while India is investing in digital health at scale, its cyber defences remain weak.
The attraction for cybercriminals is obvious. Hospitals are data-rich, operate mission-critical infrastructure and often run on outdated digital systems. An attack that locks access to patient records, diagnostic platforms or pharmacy workflows can cause havoc in a matter of hours. Faced with the possibility of fatal delays, administrators are more likely to give in to extortion demands than other industries. That makes healthcare a lucrative target.
The methods used to penetrate these systems are varied. Ransomware remains a preferred weapon, shutting down core systems until payments are made. Infostealers and remote access trojans, such as Formbook and Maze, have also been documented, quietly siphoning sensitive information to criminal networks. Fake update campaigns and botnets help spread malicious code across networks. Human fallibility adds to the problem: phishing emails and impersonation attacks aimed at unsuspecting staff continue to be depressingly effective. In India, more than seventy percent of infected endpoints in healthcare breaches were personal devices, underlining how bring-your-own-device policies widen the attack surface. And with hospitals increasingly reliant on connected medical equipment—from ventilators to monitoring sensors—each poorly secured device becomes another entry point for exploitation.
The consequences extend well beyond breaches of personal data. A hospital paralysed by ransomware may have to postpone surgeries or divert emergency cases elsewhere. Tampering with digital records could compromise treatment decisions, with potentially life-threatening outcomes. The financial costs, whether in ransom payments, regulatory fines or reputational damage, are substantial. But perhaps the greatest casualty is trust. In healthcare, confidence is paramount; repeated cyber incidents risk undermining public faith in India’s ambitious digital health programmes, from electronic medical records to the national health ID.
There are global parallels. In 2021, Ireland’s Health Service Executive was forced to shut down national systems after a ransomware attack, leading to weeks of disruption. While India’s ecosystem is larger and more fragmented, the vulnerability is strikingly similar. The rise in attacks has been steep. Just a year ago, healthcare accounted for about 14 percent of reported cyber incidents in India; that figure has since climbed to 22 percent. Industry bodies, such as the Data Security Council of India, have begun pressing for higher awareness and stronger protocols. Some public hospitals have already experienced headline-grabbing breaches, while mid-sized private facilities continue to operate with inadequate safeguards.
Part of the problem is structural. Many institutions lack dedicated budgets for cybersecurity and struggle to hire trained professionals. Patching of software, often delayed because of operational constraints, leaves systems exposed for months. Staff members, from doctors to administrators, are seldom trained to recognise phishing or other basic risks. These weaknesses combine to create fertile ground for attackers.
The way forward requires a shift in mindset as much as in technology. Cyber risk in healthcare can no longer be relegated to IT departments; it must be treated as a strategic issue at the level of boards and hospital leadership. Risk assessments need to become routine, networks should be segmented to reduce contagion, and stricter controls placed on personal devices connecting to hospital systems. The adoption of multi-factor authentication and zero-trust approaches, though cumbersome at first, would help limit access for intruders. Staff training is equally vital, because the human element remains the softest target.
Preparedness must also mean readiness to respond. Hospitals should have clear incident-response plans—covering containment, backup, recovery and communication—and rehearse them as rigorously as they conduct fire drills. Governments have a role too. Setting minimum cybersecurity standards, encouraging third-party audits and mandating compliance would help raise the floor. Public-private partnerships can facilitate intelligence sharing so that institutions learn from each breach rather than repeat the same mistakes. Finally, investment in cybersecurity talent—whether through in-house teams or partnerships with specialist firms—will determine how well hospitals can monitor and respond to threats in real time.
India is at the cusp of a health technology revolution. Electronic medical records, teleconsultations, health apps and digital monitoring promise to transform the patient experience. But this promise will remain fragile if the foundations are not secure. The thousands of weekly attacks, rising sophistication of adversaries and the growing disruption already seen point to a simple conclusion: cybersecurity must be embedded into the very design of India’s healthcare system. The cost of inaction is not limited to financial losses or stolen data. It is measured in lives, in public trust, and in the credibility of a digital health future that millions are counting on.
