The All India Institute of Medical Sciences (AIIMS), Delhi’s server has been down for six days in a row, and sources told news agency PTI that hackers have allegedly demanded almost 200 crores in cryptocurrencies from the institution.
Reports stated that the hack, which was found on Wednesday morning, exposed the information of 3 to 4 crore patients.
Notably, several VIPs, including former prime ministers, ministers, officials, and judges, have data stored on the AIIMS server.
The Specifics of the Data Breach
The reports claim that due to the server being down, patient care services in the emergency, outpatient, inpatient, and laboratory wings are being managed manually.
The Delhi Police, however, issued a statement, saying “no ransom demand as being quoted by certain sections of the media has been brought to notice by AIIMS authorities”.
The Indian Computer Emergency Response Team (CERT-In), Delhi Police, and representatives of the Ministry of Home Affairs are investigating the ransomware attack.
In the meantime, the NIC e-hospital database and application servers have become operational again. The NIC team is now scanning and cleaning additional AIIMS e-hospital servers that are required for the provision of hospital services.
Additionally, for the four physical servers that have been set up to restore e-hospital services, the databases and applications have been scanned and prepared.
Reports say the AIIMS network is also being sanitised. Antivirus software is planned for computers and servers.
It has been installed on almost 1,200 of the 5,000 available computers. This effort is happening around the clock, seven days a week, and twenty out of fifty servers have already been inspected.
Investigation of the Attack
A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on 25 November.
Official sources say that internet services have been blocked on computers at the hospital on the recommendation of the investigating agencies.
According to speculation, Chinese hackers may be responsible for the attack. The lack of cloud-based servers and a poor firewall are likely to blame for the ransomware attack.