Delhi AIIMS server hacking: A special cell of Delhi Police has launched an investigation into the alleged malware attack on the All India Institute of Medical Sciences (AIIMS), Delhi. According to official sources, a team from the Central Forensic Lab (CFSL) has been pressed into service to examine the infected server at AIIMS Delhi and identify the source of the malware attack.
A joint team of CFSL Delhi and Ahmedabad is also trying to ascertain whether the attack was initiated from outside the country. The Intelligence Fusion and Strategic Operations (IFSO) unit of Delhi Police, which was earlier known as the Cyber Prevention Awareness Detection (CyPAD) unit, has also initiated a parallel investigation, said IFSO sources. "The exact source of hacking is not known yet," they said.
Official sources said that multiple departments of the Union Home Ministry and IT Ministry are involved in the rectification and restoration of servers affected in the alleged malware attack. The sources said that a formal investigation to ascertain how AIIMS Delhi's servers were hacked has been initiated by Delhi Police, while a team of the National Investigation Agency (NIA) has also reached AIIMS Delhi and joined the investigation. "The CFSL's report is awaited, and the Delhi police will release an official statement only after the report," sources said.
AIIMS Delhi reported a failure in its servers on November 23, and the servers have remained out of order ever since. Two of the analysts deployed to look after the servers' security have also been suspended for the alleged breach of cyber security. AIIMS Delhi authorities, in a statement issued last Tuesday, claimed that the e-Hospital data has been restored.
"The eHospital data has been restored on the servers. The network is being sanitized before the services can be restored. The process is taking some time due to the volume of data and the large number of servers/computers for the hospital services. Measures are being taken for cyber security," they said.
"All hospital services, including outpatient, in-patient, laboratories, etc continue to run on manual mode," the statement had said. Internet services at the healthcare facility also remain blocked, as recommended by the investigation agencies. AIIMS had also issued a fresh set of standard operating procedures (SOPs) for patient admission, discharge, and transfer work, which is to be done manually for as long as eHospital is down.
Delhi AIIMS services restoration:
Meanwhile, AIIMS-Delhi services are to be restored online from December 6, 2022, in a phased manner. AIIMS has around 40 physical and 100 virtual servers, and of these, five have been infected with the ransomware, reports in the media said. These servers are being scanned, and new servers with updated configurations are being purchased.
A new and advanced antivirus has been manually installed on around 2,400 computers. Moreover, data of around 3-4 crore patients is feared to have been compromised due to the cyber-attack on November 23. Previously, the All India Institute of Medical Sciences authorities notified that the e-hospital data on its servers had been successfully restored and that the network was being sanitised.
AIIMS also gave an update on the data restoration process and said that, due to the vast volume of data and the large number of servers, the process is taking time. The hospital also said that measures are being taken against the cybersecurity threat. Earlier, the hospital stated that all its hospital services, including in-patient, outpatient, and laboratories, would continue to work in offline mode.
AIIMS deployed extra manpower to run its services including diagnostics, OPD services and labs as the hospital's services remained suspended due to the cyber-attack.
(With inputs from agencies)