Delhi AIIMS cyberattack originated in China, servers retrieved: Sources
The attack on the servers of the All India Institute of Medical Sciences (AIIMS) originated in China, reported ANI, quoting senior officials of the Ministry of Health and Family Welfare (MoHFW). The hackers managed to infiltrate five physical servers, the data from which have now been retrieved. The AIIMS has a total of 100 servers—40 physical and 60 virtual.
Why does this story matter?
- AIIMS Delhi faced a cyberattack last month which paralyzed its servers. The hospital was left without internet and everything had to be done manually.
- Following the attack, the Delhi Police's Intelligence Fusion and Strategic Operations (IFSO) unit registered a case of extortion and cyberterrorism.
- A slew of state investigation and information technology agencies were investigating the cyberattack.
Tharoor called attention to weak data privacy safeguards
Thiruvananthapuram MP and Congress leader Shashi Tharoor raised the issue in Lok Sabha on Wednesday and demanded a thorough investigation. He said a special category of sensitive personal data, including health data, was created in the Personal Data Protection Bill 2019, which required stringent safeguards. But it was withdrawn and done away with in the new draft Bill.
It was believed to be a ransomware attack
Minister of State for Information Technology (IT), Rajeev Chandrasekhar, said that the National Investigation Agency (NIA) was probing the "deliberate and targeted" ransomware attack. The National Informatics Centre (NIC) believed that the attackers may have used ransomware in the first major cyberattack on any medical database in India. Ransomware is malware that uses asymmetric encryption to hold the victim's information for ransom.
AIIMS has weak antivirus software and firewalls: Report
According to CNN-News18, AIIMS's systems had weak antivirus software and firewalls, making the servers susceptible to attacks. It seems that neither AIIMS nor NIC paid enough attention to upgrading the security of their systems. The building where the attacked systems were located catered to VIPs and VVIPs. The systems held confidential data and information about the latest research and developments.