The All India Institute of Medical Sciences (AIIMS) in Delhi has been thrown back in time after a cyber-attack knocked out all of its systems. While it is unknown who is responsible for the incident, Delhi Police denied allegations that hackers were demanding a Rs. 200 crore crypto ransom to release the systems.
In a statement made on the sidelines of the CII Global Economic Policy Summit 2022, Minister of State for IT Rajeev Chandrasekhar announced that the “deliberate and targeted” ransomware attack on the servers of the AIIMS Delhi is being investigated by the National Investigation Agency (NIA).
The Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) division has filed a case of extortion and cyberterrorism.
Additionally, it has been stated that the computer facility’s team is holding a meeting and that two analysts have been suspended for data breaches.
What Happened At AIIMS?
On November 23, a breach was discovered in the internal systems of AIIMS, India’s premier institute. Not long after, the hospital’s online medical management system was rendered inoperable, paralyzing its servers. Because AIIMS has stated that some of its files have been encrypted, a ransomware attack is possible. A few ransomware groups are actively attacking Indian organizations, and one of these groups may have hit AIIMS.
The hackers’ ransom demand of Rs. 200 crore in cryptocurrency has dominated news headlines, but the scope and tactics of the hack suggest other goals. The inquiry has led to the identification of two Chinese ransomware groups: Emperor Dragonfly and Bronze Starlight (DEV-0401). According to an examination of Bronze Starlight’s previous activities, the group may be involved in espionage, employing ransomware as a cover.
As per media sources, the AIIMS administration reported that ransomware had “damaged outpatient and inpatient virtual hospital systems, including smart lab, billing, report production, and scheduling appointments.” The attack is suspected to be ransomware in which the crooks who hacked into the system are purportedly demanding a ransom payment, though Delhi Police have refuted this.
Current Status Of Availability Of Services In AIIMS Delhi
Two weeks after the All India Institute of Medical Sciences (AIIMS) disclosed a ransomware attack that paralyzed its servers, some online services have restarted this week, and more services are reportedly going to resume later this week.
According to media sources, online registration for new patients and follow-up registrations at the AIIMS Delhi’s new Rajkumari Amrita Kaur (RAK) OPD has resumed. Other services, such as the online appointment system, are still unavailable, and laboratory services are working in manual mode. On Monday, the Outpatient Department (OPD) registration and admission procedures were resumed and made available online using the e-Hospital System. Staff members said that the situation resulted in a 25% drop in patients visiting the OPDs.
Organizations like CERT, BEL, and DRDO are on the ground assisting with the rollout and restoring the system as soon as possible.
Government Agencies Involved In The Investigation
Investigations into the cyber-attack are being conducted by the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology, the Delhi Cybercrime Special Cell, the Indian Cybercrime Coordination Centre, the Intelligence Bureau, the Central Bureau of Investigation (CBI), the National Forensic Sciences University, the National Critical Information Infrastructure Protection Center, and the National Investigation Agency (NIA), among others.
Cyberattack On Safdarjung Hospital
Last week, Safdarjung Hospital revealed that it was also struck by a cyber-attack. “In November 2022 Hospital server was also down for one day; however, the data was still secure and protected. It was managed by IT, and the National Informatics Center (NIC) and restored the systems to life”, according to Safdarjung Hospital’s medical director, Dr. BL Sherwal.
What Is Ransomware?
Ransomware is a form of malicious software with which the perpetrator gains unauthorized access to the victim’s data and demands a ransom to restore the victim’s access to it.
Examples: WannaCry, Petya, NotPetya, BitPaymer, Cryptolocker, REvil, etc.
In its India Ransomware Report 2022, the Indian Computer Emergency Response Team (CERT-In) said that there was a 51% increase in the number of ransomware attacks across several industries, including vital infrastructure.
To avoid these attacks, India must also examine the evolving tactics, techniques, and procedures of hackers and criminals. India may pay a heavy price if it is perceived as an obvious target.
All About Cyber Security
All facets of safeguarding a company, its employees, and its assets from cyber threats are included in cyber security. To limit corporate cyber risk, a variety of cyber security solutions are necessary as cyberattacks become more regular and sophisticated, and corporate networks become far more complicated.
The practice of safeguarding computers, servers, mobile devices, electronic systems, networks, and data from hostile intrusions is known as cyber security. It is often referred to as information technology security or digital data security.
About CERT-In
The acronym CERT-In stands for “Indian Computer Emergency Response Team.” To protect Indian cyberspace, CERT-In operates under the Ministry of Electronics and Information Technology, Government of India. It is the National Incident Response Centre for significant incidents involving computer security in its jurisdiction, i.e., Internet users in India. The main responsibility of CERT-In is to increase security awareness and offer technical support and guidance to help those affected recover from computer security incidents. The Information Technology (Amendment) Act of 2008 made CERT-In the national agency in charge of carrying out the aforementioned duties.
International Treaty On Cybercrime
The Convention on Cybercrime, commonly known as the Budapest Convention, entered into force in 2004 and is the first international convention aimed at combating Internet and computer crime by harmonizing national laws, strengthening investigative procedures, and increasing international cooperation.
Last year, the United Nations General Assembly (UNGA) passed a resolution led by Russia on combating cybercrime globally, despite concerns that it may be used to justify shutting down civil society in repressive countries. By 2023, a draft treaty is anticipated to be finished.
Combating Cyber-Attacks
To deal with a nearly daily bombardment of cyberattacks, a new approach of centralized cyber incident monitoring will be necessary. The AIIMS breach was not very sophisticated, and it might have been avoided by keeping IT systems up to date and addressing the vulnerability. To stave off hacking attempts, the new slogan of cyber hygiene entails continual training and upgrading of IT systems.
The moral imperative of foreign politics looks to be quite volatile in the cyber arena. The new cybersecurity policy must cover all bases to secure vital facilities such as AIIMS and power grids.