Six days ago, All India Institute of Medical Sciences (AIIMS) Delhi, faced a heavy cyber attack that derailed routine health services and affected thousands of patients.
The cyberattack has frozen everyday work at AIIMS, including appointments and registration, billing, laboratory report generation, etc. According to the institute, a ransomware attack has corrupted all the files stored on the main and backup servers of the hospital.
Ransomware is a type of malware or software, which encrypts the data of the affected system.
As per media reports, hackers have allegedly demanded approximately Rs 200 crore in cryptocurrency to decrypt the data. The Delhi Police, however, has refuted reports that Rs 200 crore has been demanded in cryptocurrency as a ransom
The cyber attack comes within a month after AIIMS announced that it would go paperless from next year.
What’s at stake?
The data breach has reportedly compromised the data of nearly 3–4 crore patients, including sensitive data and medical records of VIPs.
Several VIPs, including former prime ministers, ministers, bureaucrats, and judges, had their data stored. Around 38 lakh patients get treated at AIIMS every year. All their data is lost now.
The exploited databases contain Personally Identifiable Information (PII) of patients and healthcare workers, and administrative records kept on blood donors, ambulances, vaccination, caregivers and employee login credentials.
It highly likely that risks are quite high that the ransomware attack has exposed personal data and medical records of thousands of patients who have been treated at the institute. The data is usually sold on the dark web by the hackers.
What has AIIMS said?
AIIMS on Monday issued a notice pointing out that all services continue to take place in manual mode.
"The data restoration and server cleaning are in progress and is taking some time due to the volume of data and the large number of servers for the hospital services. Measures are being taken for cyber security," it said in a statement.
The patient care services in the emergency, outpatient, inpatient, and laboratory wings were managed manually.
The National Information Center (NIC) e-hospital database and application servers have been back online in the interim. Other e-hospital servers at AIIMS are being scanned and cleaned by the NIC team.
A PTI report said the AIIMS network is being sanitised. Antivirus solutions have been installed on nearly 1,200 of the 5,000 computers available. Twenty out of fifty servers have been scanned, and this activity is ongoing 24 hours a day, seven days a week.
Which agencies are probing the case?
The extent and threat of the attack is so much that multiple agencies like Delhi Police, the Centre’s Computer Emergency Response Team (CERT), the Ministry of Home Affairs, and even the National Investigation Agency have joined the probe.
How vulnerable healthcare sector is?
According to an IANS report citing Cyber threat watchdog CloudSEK, the healthcare sector in India was the second most targeted by cybercriminals worldwide. It also said health organisations witnessed a spike in cyber attacks during the pandemic.
“In the first four months of 2022, the number of cyber attacks on the sector rose by 95.34 per cent compared to the same period in 2021,” research by the firm said.
