India’s flagship medical college and hospital, All India Institute of Medical Sciences (AIIMS) Delhi, suffered a ransomware news attack on November 23, 2022. As per reports, the attack began at around 7 am and later spread throughout the facility.
The authorities attributed the attack to ransomware which compromised the facility servers, making them malfunction throughout the sections.
In a statement released by the facility, AIIMS Delhi acknowledged the incident. It said, “The National Informatics Centre (NIC) team working at AIIMS has informed that this may be a ransomware attack which is being reported to and will be investigated by appropriate law enforcement authorities.” The report added that the impacted servers were running in manual mode, and the concerned authorities were taking the necessary actions to restore the digital services
AIIMS Delhi faces ransomware attack
Hemant Rajaura, a senior journalist, working with the Indian newspaper daily Hindustan shared insights about the incident. “Ransomware Attack: AIIMS Server still down even after more than 30 hours. The NIC team is trying to restore the files from the Second backup server,” Rajaura tweeted.
At the time of writing this, The National Informatics Centre, along with Indian Computer Emergency Response Team (CERT-In), was working towards restoring the services as the server downtime was also affecting the patients and clients.
According to Rajaura, “All the accounts, including the test reports of lakhs of patients in AIIMS, are still at stake. When the NIC team first tried to restore the files from the backup server, it was found that the backup server was also compromised, and the extension of its files was changed. Now trying from another backup server.”
With such a large-scale attack, experts speculate that a big threat group might be behind the intrusion.
The attack has stagnated the hospital’s normal functioning, and people are unable to register for OPDs or other tests. As per reports, the barcode system has also gone cold since yesterday.
AIIMS Delhi released an official statement
Ransomware is highly sophisticated malware designed to encrypt files and documents on the victim’s devices, networks, and servers. Usually, the perpetrator forces the victim into giving a ransom payment for decrypting the file. However, AIIMS Delhi is yet to provide any information about a ransom amount being introduced by the attackers.
AIIMS Delhi is one of India’s most prominent hospital and education facilities and caters to 1.5 million outpatients and 80,000 inpatients annually. The medical facility is also claiming that the attack is attributed to ransomware, which is being reported to the cybersecurity authorities in India. The authorities are working round the clock to restore the systems and take preventive measures to prevent such attacks from happening in the future. Applicable laws are being considered due to the sensitivity of the data stored on the servers.
The Cyber Express has made a request to the officials at AIIMS Delhi for more information on the ransomware attack. They remain unanswered at the time of publishing the report.