Sleuths suspect terror angle in AIIMS hack as server cleansing continues

Update: 2022-11-29 07:43 GMT
Visuals from the spot showed black smoke billowing out of the windows, above the emergency ward of the AIIMS. File photo

It has been a week since hackers attacked the servers of the All India Institute of Medical Sciences (AIIMS) in Delhi, making the system crash. While media and agency reports on Monday suggested that hackers may have demanded Rs 200 crore in cryptocurrency from AIIMS to restore the system, Delhi Police have denied the report.

PTI reported on Monday that the breach, which was discovered last Wednesday, may have compromised the data of three to four crore patients. Several VIPs, including former prime ministers, ministers, bureaucrats, and judges, had their data stored at AIIMS.

Delhi Police, the Ministry of Home Affairs, and the India Computer Emergency Response Team (CERT-IN) are looking into the case. The Intelligence Fusion and Strategic Operations (IFSO) division of the Delhi Police has reportedly filed a case of extortion and cyberterrorism.

Top intelligence agencies and National Investigation Agency (NIA) officials have also visited AIIMS, said sources. Investigators reportedly suspect a terror angle and foreign conspiracy behind the cyber-attack. Patient data theft seems to be the motive of the perpetrators.

Four physical servers prepared

Reports stated on Tuesday that hospital authorities have started working on back-up data. For a week, patient care services in the emergency, outpatient, inpatient, and laboratory wings were managed manually.

The National Informatics Centre’s (NIC) e-hospital database and application servers for e-hospital have reportedly been restored. An NIC team is cleaning the infected data from other e-hospital servers located at AIIMS, reports said. Four physical servers have been prepared for the databases and applications to restore e-hospital services.

Also read: After backlash, AIIMS withdraws letter on ‘special’ treatment for MPs

To sanitise the AIIMS network, antivirus has been installed on around 1,200 of 5,000 computers. Twenty of the 50 servers have reportedly been scanned. Full sanitisation would likely continue for another five days, after which e-hospital services can be rolled out in a phased manner, said sources.

“The data restoration and server cleaning [are] taking some time due to the volume of data and a large number of servers for the hospital services. Measures are being taken for cyber security,” read an AIIMS statement issued on Monday.

Around 38 lakh patients reportedly get treated at AIIMS every year, and all that data was stored on those servers. Internet services are likely to remain suspended at AIIMS, as a thorough cleansing is needed.

(With agency inputs)

Tags:    

Similar News