Several services have remained affected at the All India Institute of Medical Sciences (AIIMS), Delhi, as the hospital is still struggling to get control of its servers back. The hospital lost access to its servers as a result of a possible ransomware attack that has forced hospital staff to manually settle bills, conduct tests and perform other functions.
“The server for National Informatics Centre’s Hospital being used at AIlMS, New Delhi was down due to which outpatient and inpatient digital hospital services including, smart lab, billing, report generation, appointment system etc, have been affected. All these services are running on manual mode currently,” the hospital said in a statement issued on November 24.
What we know about the ransomware attack
On November 23, patients and doctors complained about the hospital's services working slowly or not at all. As a result, the hospital was forced into working in a manual mode from 7 in the morning. The National Informatic Centre investigated the issue and found signs of a ransomware attack on the hospital’s servers.
Following the initial investigation, the Computer Emergency Response Team (CERT-In) and National Informatics Centre started working on the hospital's servers to restore functionality as soon as possible. At the same time, the Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) cell registered an FIR invoking sections of cyber terrorism (IT Act, section 66F) in light of the incident with the preliminary investigation hinting to the ransomware attack being perpetrated from outside the country, reported Hindustan Times.
While several services remained unaffected, the breach also put the loss of research data and information about VIP medical records at risk, sources told CNN-News18. Intelligence sources also added that the hack was possible due to weak security infrastructure including weak antivirus software and firewalls.
The ransomware attack on AIIMS is the first such attack on an Indian healthcare institution even as such institutions have been a favoured target of ransomware over the past few years.
Ransomware is a type of malware that encrypts or corrupts the data of an organisation restricting access, and forcing the organisation to pay a ransom to get their data back.
