Kerala's cooperative banks, hospitals, and chit funds have become prime targets for cyber-attacks originating from foreign countries, particularly China and Pakistan, according to cyber intelligence experts. A reliable source informed THE WEEK that a series of attacks and data thefts have already occurred in various institutions, many of which remain unaware of these breaches.

Vulnerabilities in IT Infrastructure

"These institutions, especially cooperative banks and chit funds, have significant IT infrastructure vulnerabilities compared to nationalized or major private banks," the source revealed. "Many are outsourcing their IT operations to low-cost, inexperienced providers, making them easy targets for hackers. These attackers exploit the security weaknesses to steal data, which they then sell on the dark web or use for ransom and other cybercrimes."

Kerala's cooperative movement, which has a history spanning over a century, includes more than 12,000 active cooperative societies, with over 4,000 being credit societies or banks. The state also has several state-backed and private chit funds, making them attractive targets for cybercriminals.

Recent Cyber Attacks

Recently, a major private chit fund in Kerala fell victim to a cyber-attack, the source confirmed. The attack employed SQL injection, a common hacking technique where attackers insert malicious code into a website to breach its security and extract data. This method has been widely used against institutions with poorly managed IT infrastructures.

Hospitals Also Targeted

In addition to financial institutions, hospitals in Kerala have become prime targets for cyber-attacks. Hackers have used SQL injection to gain access to patient data stored by mid-level hospitals. Even premium hospitals are not immune. On April 28, the Regional Cancer Centre (RCC) in Thiruvananthapuram, Kerala's state-owned premier cancer care hospital and research center, experienced a cyber-attack. According to an FIR, the attacker attempted to control critical systems, including radiation treatment and patient care, though it remains unclear whether a significant data breach occurred during the incident.

As cyber threats continue to evolve, experts warn that Kerala's institutions must strengthen their IT security to protect against these increasingly sophisticated attacks.