New Delhi: The AIIMS in Delhi continues to work in manual mode for a week now, after a hack attack crashed the server-based system. Investigators suspect a terror angle and foreign conspiracy behind the cyber-attack on the country’s premier medical institution.
Important Facts
- Two system analysts have been suspended by AIIMS after being served show-cause notices for alleged dereliction of duty.
- Police have denied reports that hackers asked for ₹ 200 crore in cryptocurrency as ransom to restore the system at the All India Institute of Medical Sciences (AIIMS), Delhi, on November 23.
- From system of online appointments to the billing and sharing of reports with patients and between departments, almost all services are online at the institute, thus affected.
- AIIMS authorities have deployed additional staff to run the diagnostics, labs and OPD services. Registers are being used for entries, which is why the movement of documents — such as lab reports and receipts or confirmations — is taking time. Many of the staff are working overtime.
- Patient data theft is at the nub of the case. The FIR includes sections dealing with extortion and cyber-terrorism. The extortion angle sparked theories that it was a ransomware attack. Every year, around 38 lakh patients get treated at AIIMS, and all of the data is lost for now, sources said. This means details of crores of patients, including top political leaders, bureaucrats and judges.
- Top intelligence agencies and officials from the National Investigation Agency, too, have visited AIIMS and are working the case, sources said. The National Informatics Centre and the Indian Computer Emergency Response Team are trying to restore the data.
- So far, of the 5,000-odd computers at AIIMS, around 2,000 have been thoroughly scanned using anti-virus and anti-malware software. Thirty out of 50 servers have been scanned and this activity is ongoing 24×7.
- Medical Superintendent Dr DK Sharma has said the patient numbers have gone up since the day the server went down — almost 12,000 patients a day now – as people are not required to take an online appointment now.
- “The data restoration and server cleaning [are] taking some time due to the volume of data and a large number of servers for the hospital services. Measures are being taken for cyber security,” said AIIMS in a statement on Monday.
- Internet services are likely to remain suspended as the investigation agencies want a thorough cleanse. On Monday, news agency PTI reported, quoting a source: “The full sanitisation of the network is likely to continue for five more days. Thereafter, e-hospital services can be rolled out in a phased manner.”