Saturday, Feb 04, 2023

The worry: AIIMS breach may hit its linked centres


There is growing concern in the cyber-security establishment over the ransomware attack on servers of AIIMS-Delhi on November 23 with top Government sources telling The Indian Express that the breach, “in all likelihood”, could have a cascading effect on AIIMS facilities in other cities and more hospitals connected on the network.

Multiple cyber-security agencies, led by the Computer Emergency Response Team (CERT-IN), are scouring network logs to determine which AIIMS units or hospitals the contagion could spread to. Senior officials said there was “likely” to be a spread, but there were no reports as yet of any impact on systems in other cities.

The exercise is a logistical nightmare since the AIIMS network has 15,000 “endpoints”, the devices that connect to and exchange information with the network, including desktops, laptops and even diagnostic machines.

AIIMS-Delhi has a huge network of about 100 servers and it is now known that it was a Windows server that was first breached and encrypted by hackers on November 23, bringing computerised services in the country’s premier medical institute to a grinding halt.


Early in the ongoing “incident response”, officials said, it was discovered that AIIMS-Delhi was using a 2007 Windows version of “poor configuration” with its architecture handled and expanded by an in-house team.

The National Informatics Center (NIC) has now been called in to create a “model” computer architecture for AIIMS and other hospitals, especially since there has been an uptick in cyberattacks on medical infrastructure in the country, including Covid-vaccine research centres.

The other worrisome admission made by top officials is that though the AIIMS cyber strike was now over two weeks old, there was a “predictable scenario” of it being categorised as a “double extortion” ransomware attack.


A “double extortion” ransomware attack is one in which high-value data is first encrypted by the attacker and later, either a ransom is demanded or the data is sold or put out in parcels on other networks.

The Indian Express had reported on December 3 that a preliminary investigation by CERT-IN found that the cyberattack originated from another country, and could possibly have involved “a foreign state actor”.

The incident marked one of the most high-profile data breaches targeting a Government-backed entity in the country, compromising the records of nearly 3-4 crore patients including high-profile political personalities.

First published on: 10-12-2022 at 04:41 IST