Cyber attack on aiims

The cyber attack on the All India Institute of Medical Sciences (AIIMS) New Delhi, which is the premier medical institute in India, hit the day-to-day operations of the hospital very hard, with the data and personal information of the patients at risk. The cyber-attack took place a week ago, and the data operations at AIIMS came to a standstill for six days. The eHospital data of AIIMS was recovered on Tuesday night, but many believe that the data of crores of patients still remain at risk. The network is being sanitized before the services can be restored as all hospital services, including outpatient, in-patient, and laboratories, continue to run on manual mode. AIIMS said in an official statement, “The process is taking some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are being taken for cyber security.” A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25. Meanwhile, two system analysts were suspended by AIIMS on Monday after being served show-cause notices for alleged dereliction of duty. It must be noted that the data breach in AIIMS targeted the data of around 3-4 crore patients who have got their treatments and consultations done at the hospital. This data also includes that of VIPs such as former prime ministers, judges, and MPs. While AIIMS has denied the allegations of any ransom demanded after the da...

This is the second cyberattack against The internet services at the hospital remained blocked for several days as Delhi Police joined the investigation with Indian Computer Emergency Response Team (CERT-In) and National Informatics Centre (NIC). The National Investigation Agency (NIA) also visited the hospital and helped the investigative agencies in the case. The cyberattack led to the disruption of many services, especially online-based processes. The hospital launched Standard Operation Procedures (SoP) under manual admission and discharge procedure. Links with China and Hong Kong The investigation into the AIIMS cyberattack revealed that the servers used in the cyberattack might have originated in China and Hong Kong. Delhi also wrote to the Central Bureau of Investigation (CBI) and asked it to obtain more information from Interpol. Also Read: AIIMS Delhi cyber attack: Cops seek data on China, Hong Kong-based IP address from CBI The reports also said that AIIMS was not the only target of cyberattacks as attempts at the servers of other premier institutions were also made and the website of the Indian Council of Medical Research (ICMR) was reportedly targeted 6,000 times, but the hackers failed to hack it.

Meanwhile, two systems analysts are learnt to have been suspended on Monday for not responding to phone calls and not attending an emergency meeting on November 23, when the cyber attack took place. The duo were issued showcause notices on November 24, and told to file their written replies the same evening. The showcause notice issued to one of the analysts, who is learnt to have been on leave at the time, mentioned that the official was contacted on phone, but did not respond. The notice, seen by Sources said the second showcause notice was similar in content. While hospital services have been operating in manual mode since the cyber attack, a team of experts from the Indian Computer Emergency Response Team (CERT-in) and National Informatics Centre (NIC) are working on restoring digital services. Significantly, sources said that besides the servers, the AIIMS network and its computers are “also vulnerable”. Therefore, following the advice of CERT-in, AIIMS internet and AIIMS intranet have been discontinued and “their vulnerabilities are being addressed”, said sources. “AIIMS has about 10,000 computers and not all of them have updated anti-virus applications. This is also being addressed,” sources said. The restoration of servers is taking longer than expected as it is a highly technical job that involves three broad steps, said sources. First, the five infected servers have to be verified. Second, they will then have to be restored. Third, the data backed up on the five ...

Earlier this year, a technical analysis carried out by the Indian Computer Emergency Response Team (Cert-In) on the cyber-attack on AIIMS had revealed that the IT networks of the government-run hospital was compromised “by unknown threat actors due to improper network segmentation”, the minister of state for electronics and information technology Rajeev Chandrasekhar said. In a written reply to the Rajya Sabha, Chandrasekhar had said that following the reporting of the cyber-incident by AIIMS, the Cert In probe revealed that the attack, caused due to improper network segmentation “caused operational disruption due to non-functionality of critical applications”. Don’t miss out on ET Prime stories! Get your daily dose of business updates on WhatsApp. Four state-owned financial entities — Punjab National Bank, Life Insurance Corporation of India, State Bank of India, and Bank of Baroda — that together own just over 45% of UTI Asset Management Company (AMC) are understood to be working on inviting formal bids for selling their stakes, top officials close to the development told ET. • Khanda, who led anti-India protest dies • Flying taxi is top trend at VivaTech in Paris • Biparjoy: Will continue upto midnight, says IMD • IndiGo plane suffers tail strike while... • Purola Love Jihad row: Mahapanchayat cancelled • Ten quick tips to become a 'Professional Trader' • 10 stocks with highest EBITDA margin in FY23 • Biparjoy: Ground report from affected area • Asia Cup 2023: ACC accep...

The cyberattack has frozen AIIMS’ e-hospital system – including appointments and registration at outpatient departments (OPD), billing at inpatient departments (IPD), laboratory report generation, and smart lab, among others. The outages have resulted in long queues and errors in handling emergency cases. According to the institute, a ransomware attack has corrupted all the files stored on the main and backup servers of the hospital. The perpetrators held around 4 crore patient profiles at ransom – including sensitive data and medical records of VIPs. The exploited databases contain Personally Identifiable Information (PII) of patients and healthcare workers, and administrative records kept on blood donors, ambulances, vaccination, caregivers and employee login credentials. The extent and threat of the attack is so much that multiple agencies like Delhi Police, the Centre’s Computer Emergency Response Team (CERT), the Ministry of Home Affairs, and even the National Investigation Agency have joined the probe. However, they haven’t been able to fully crack the case. The attack, believed to be a major one, comes within a month after AIIMS announced that it would go paperless from January 1, 2023, and be fully digitised by April 2023. However, AIIMS is no stand-alone case. Cyber threat watchdog CloudSEK said the Indian healthcare sector was the second most targeted by cybercriminals worldwide. Research by the company showed that health organisations witnessed a massive spike i...

All India Institute of Medical Sciences (AIIMS), the country’s premier healthcare institution, has reported a massive cyber hacking, which as per officials, is the result of a ransomware attack. The cyber attack has resulted in a server outage affecting daily operations at the hospital, including appointments, patient registration, discharge and more. US Treasury thwarted attack by Russian hacker group last month, says official The US Treasury last month repelled cyber attacks by a pro-Russian hacker group, preventing disruption and confirming the effectiveness of the department's stronger approach to financial system cybersecurity, a US Treasury official said.National Information Centre (NIC), along with Cert-In, is said to be investigating the outage that has now crossed 48 hours. Till the filing of this report, it wasn’t clear whether AIIMS’ servers were back to business or not. Here’s what ransomware attack is, how dangerous it can be and more. What is a ransomware attack Ransomware is a type of malware or malicious software that encrypts the victim’s file (data) and asks for a “ransom” to restore access for the victim. Think of it as an ‘extortion’ where you need to pay up money to get back your stolen data. If the targeted institute/company/person fails to meet the attacker's demand, they risk losing access to the data, and it may end up on the internet, either publicly available to everyone or on sale in some marketplace on the Dark web. How dangerous is a ransomwar...

Earlier this year, a technical analysis carried out by the Indian Computer Emergency Response Team (Cert-In) on the cyber-attack on AIIMS had revealed that the IT networks of the government-run hospital was compromised “by unknown threat actors due to improper network segmentation”, the minister of state for electronics and information technology Rajeev Chandrasekhar said. In a written reply to the Rajya Sabha, Chandrasekhar had said that following the reporting of the cyber-incident by AIIMS, the Cert In probe revealed that the attack, caused due to improper network segmentation “caused operational disruption due to non-functionality of critical applications”. Don’t miss out on ET Prime stories! Get your daily dose of business updates on WhatsApp. Four state-owned financial entities — Punjab National Bank, Life Insurance Corporation of India, State Bank of India, and Bank of Baroda — that together own just over 45% of UTI Asset Management Company (AMC) are understood to be working on inviting formal bids for selling their stakes, top officials close to the development told ET. • Khanda, who led anti-India protest dies • Flying taxi is top trend at VivaTech in Paris • Biparjoy: Will continue upto midnight, says IMD • IndiGo plane suffers tail strike while... • Purola Love Jihad row: Mahapanchayat cancelled • Ten quick tips to become a 'Professional Trader' • 10 stocks with highest EBITDA margin in FY23 • Biparjoy: Ground report from affected area • Asia Cup 2023: ACC accep...

This is the second cyberattack against The internet services at the hospital remained blocked for several days as Delhi Police joined the investigation with Indian Computer Emergency Response Team (CERT-In) and National Informatics Centre (NIC). The National Investigation Agency (NIA) also visited the hospital and helped the investigative agencies in the case. The cyberattack led to the disruption of many services, especially online-based processes. The hospital launched Standard Operation Procedures (SoP) under manual admission and discharge procedure. Links with China and Hong Kong The investigation into the AIIMS cyberattack revealed that the servers used in the cyberattack might have originated in China and Hong Kong. Delhi also wrote to the Central Bureau of Investigation (CBI) and asked it to obtain more information from Interpol. Also Read: AIIMS Delhi cyber attack: Cops seek data on China, Hong Kong-based IP address from CBI The reports also said that AIIMS was not the only target of cyberattacks as attempts at the servers of other premier institutions were also made and the website of the Indian Council of Medical Research (ICMR) was reportedly targeted 6,000 times, but the hackers failed to hack it.

The cyber attack on the All India Institute of Medical Sciences (AIIMS) New Delhi, which is the premier medical institute in India, hit the day-to-day operations of the hospital very hard, with the data and personal information of the patients at risk. The cyber-attack took place a week ago, and the data operations at AIIMS came to a standstill for six days. The eHospital data of AIIMS was recovered on Tuesday night, but many believe that the data of crores of patients still remain at risk. The network is being sanitized before the services can be restored as all hospital services, including outpatient, in-patient, and laboratories, continue to run on manual mode. AIIMS said in an official statement, “The process is taking some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are being taken for cyber security.” A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25. Meanwhile, two system analysts were suspended by AIIMS on Monday after being served show-cause notices for alleged dereliction of duty. It must be noted that the data breach in AIIMS targeted the data of around 3-4 crore patients who have got their treatments and consultations done at the hospital. This data also includes that of VIPs such as former prime ministers, judges, and MPs. While AIIMS has denied the allegations of any ransom demanded after the da...

The cyberattack has frozen AIIMS’ e-hospital system – including appointments and registration at outpatient departments (OPD), billing at inpatient departments (IPD), laboratory report generation, and smart lab, among others. The outages have resulted in long queues and errors in handling emergency cases. According to the institute, a ransomware attack has corrupted all the files stored on the main and backup servers of the hospital. The perpetrators held around 4 crore patient profiles at ransom – including sensitive data and medical records of VIPs. The exploited databases contain Personally Identifiable Information (PII) of patients and healthcare workers, and administrative records kept on blood donors, ambulances, vaccination, caregivers and employee login credentials. The extent and threat of the attack is so much that multiple agencies like Delhi Police, the Centre’s Computer Emergency Response Team (CERT), the Ministry of Home Affairs, and even the National Investigation Agency have joined the probe. However, they haven’t been able to fully crack the case. The attack, believed to be a major one, comes within a month after AIIMS announced that it would go paperless from January 1, 2023, and be fully digitised by April 2023. However, AIIMS is no stand-alone case. Cyber threat watchdog CloudSEK said the Indian healthcare sector was the second most targeted by cybercriminals worldwide. Research by the company showed that health organisations witnessed a massive spike i...