The Delhi Police's Intelligence Fusion and Strategic Operations unit has written to CBI seeking details from Interpol about the IP addresses of email IDs from China and Hong Kong in connection with its probe into the AIIMS server attack case, officials said on Sunday.
The Central Bureau of Investigation (CBI) is India's nodal agency for Interpol matters.
Alleged Chinese involvement
According to sources, the attack on the servers of AIIMS-Delhi is suspected to have originated from locations in China and Hong Kong. Further details, which can be obtained from companies in China and Hong Kong, have been sought.
The All India Institute of Medical Sciences, Delhi faced the cyber attack on November 23, paralysing its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.
Internet services were blocked as per the recommendations of the investigating agencies. The Computer Emergency Response Team (CERT-In), Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, CBI and National Investigation Agency are investigating the incident.
The attack affected the hospital's outpatient and inpatient digital services, including smart laboratory, billing, report generation and the appointment system. Patient care services were handled manually as the servers remained defunct for over a week.
Spate of such attacks in recent times
This is neither the first nor an isolated cyberattack on India’s critical infrastructure in which Chinese involvement has been alleged. In 2018, the Indian Computer Emergency Response Team (CERT-In) highlighted in a report that China was responsible for nearly 35% of the total number of cyber attacks on official Indian websites.
Speculation is rife that, following the Galwan clash along the Indo-China border, India has become a recurrent target for cyber offensives allegedly launched by its hostile neighbor. China, however, has time and again dismissed these accusations.
In April 2022, Chinese hackers allegedly targeted seven Indian centers in Ladakh responsible for carrying out electrical dispatch and grid control near a border area disputed by the two nuclear neighbors.
Likewise, a 2021 report by US-based cyber security company Recorded Future suggested that the Unique Identification Authority of India’s database suffered intrusions by Chinese hacking groups through June and July 2021, although it was not clear what data was stolen.
India’s business hub, Mumbai, faced a severe blackout on October 12, 2020, which halted local trains and shut down stock markets and hospitals for almost 10 to 12 hours. Recorded Future emphasized that this was a result of multiple pieces of malware deployed by the Chinese group RedEcho.
In fact, the firm has pointed out a 261% increase in the number of suspected state-sponsored Chinese cyber operations targeting Indian organizations and companies through 2021 compared to 2020.
(With inputs from PTI)