
The worry: AIIMS breach may hit its linked centres


There is growing concern in the cyber-security establishment over the ransomware attack on servers of AIIMS-Delhi on November 23 with top Government sources telling The Indian Express that the breach, “in all likelihood”, could have a cascading effect on AIIMS facilities in other cities and more hospitals connected on the network.

Multiple cyber-security agencies, led by the Computer Emergency Response Team (CERT-IN), are scouring network logs to analyse which AIIMS units or hospitals the contagion could possibly spread to. Senior officials said there was “likely” to be a spread, but there were no reports as yet of any impact on systems in other cities.

The exercise is a logistical nightmare since the AIIMS network has 15,000 “endpoints”, the devices that connect to and exchange information with the network, including desktops, laptops and even diagnostic machines.

AIIMS-Delhi has a huge network of about 100 servers and it is now known that it was a Windows server that was first breached and encrypted by hackers on November 23, bringing computerised services in the country’s premier medical institute to a grinding halt.


Early in the ongoing “incident response”, officials said, it was discovered that AIIMS-Delhi was using a 2007 Windows version of “poor configuration”, with its architecture handled and expanded by an in-house team.

The National Informatics Centre (NIC) has now been called in to create a “model” computer architecture for AIIMS and other hospitals, especially since there has been an uptick in cyberattacks on medical infrastructure in the country, including Covid-vaccine research centres.

The other worrisome admission made by top officials is that though the AIIMS cyber strike was now over two weeks old, there was a “predictable scenario” of it being categorised as a “double extortion” ransomware attack.


A “double extortion” ransomware attack is one in which high-value data is first encrypted by the attacker and later either a ransom is demanded or the data is sold or put out in parcels on other networks.

The Indian Express had reported on December 3 that a preliminary investigation by CERT-IN found that the cyberattack originated from another country, and could possibly have involved “a foreign state actor”.

The incident marked one of the most high-profile data breaches targeting a Government-backed entity in the country, compromising the records of nearly 3-4 crore patients including high-profile political personalities.

First published on: 10-12-2022 at 04:41 IST