More than two weeks after the cyber attack on the servers of the All India Institute of Medical Sciences, Delhi, Minister of State for Health Bharati Pravin informed the Lok Sabha on Friday, December 16 that all data has been retrieved from an unaffected backup server with most of its services also being restored.
Responding to a question, Pawar said no specific amount of ransom was demanded by the hackers though a message was discovered on the server that suggested a cyber-attack. An FIR has been registered by the All India Institute of Medical Sciences with the Special Cell of Delhi Police, regarding the attack, the minister said in her written reply, according to PTI.
The alleged cyber attack affected five physical servers of AIIMS Delhi on which the e-Hospital application of the National Informatics Centre (NIC) was hosted. "Most of the functions of e-Hospital applications like patient registration, appointment, admission, discharge etc have been restored after two weeks of the cyber-attack," Pawar said in the written reply.
The National Nodal Agency for responding to cyber security incidents — Indian Computer Emergency Response Team (CERT-In) has "Empanelled Information Security Auditing Organisations" for auditing including vulnerability assessment and penetration testing of the computer systems, networks and applications involving public service delivery including Ayushman Bharat Digital Mission (ABDM), the Minister said. Immediate measures were taken by AIIMS to enhance security like endpoint hardening, string firewall policies and network segmentation to secure all the data of the Institute, he added, according to a report by PTI.
Setting up of 22 new AIIMS and 75 projects of upgradation of existing government medical colleges or institutions by way of setting up of super speciality blocks or trauma centres have been approved under the Pradhan Mantri Swasthya Suraksha Yojana (PMSSY) to reduce the patient load on the Delhi hospital. They are at various stages of offering inpatient and outpatient services to the needy. The day-to-day operations or surgeries as well as associated activities and record keeping was done in a manual mode. In AIIMS Delhi, the dashboard for the real-time emergency bed availability has been developed in-house, the reply stated.
In a statement issued after the servers first went down on November 23, AIIMS Delhi said, "Today, the server for National Informatics Centre's Hospital being used at AIIMS, New Delhi, was down due to which outpatient and inpatient digital hospital services, including smart lab, billing, report generation, appointment system etc., have been affected. All these services are running on manual mode currently."
This was a first-of-its-kind attack on a premier health institute in India. With AIIMS Delhi's servers down after the ransomware attack, scenes of chaos were observed in the hospital. Reports also suggested that AIIMS Delhi was working on devising a cyber security policy for the hospital and other wings with guidance from investigating agencies. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25 in connection with the ransomware attack.
