Chaos erupted at the government-run All India Institute of Medical Sciences (AIIMS) on Wednesday as a consequence of a cyberattack that damaged the hospital’s patient care services and affected the institute’s primary and backup systems, according to sources. Following the incident, both servers faced being shut down.
Insiders claim that to prevent further damage, a team of cyber experts from the National Informatics Center cut the connection to the second backup server. However, every file stored on the hospital’s primary and backup servers has been corrupted by the cyberattack. Tech professionals are reportedly working to recover the lost data.
Several hospital services were affected by the incident, including scheduling and registration for outpatient patients, billing for hospital patients, lab report generation, and smart lab, among others. The hospital only hinted at a ransomware attack on its recently integrated e-hospital feature, which enables patient care services to be provided digitally, rather than fully confirming the cyber hacking. The National Informatics Center team at AIIMS reported that this might be a ransomware attack, and the hospital said that the appropriate law enforcement authorities have been notified and will look into the matter.
According to sources, he also sent out an email demand for a sizable sum of money along with a warning that the scope of the cyberattack might also affect other services. The incident was reported to the police by AIIMS, and an investigation has since been opened. Patients were severely inconvenienced by the outage, as several services that had just been added to the e-hospital manual to enable digital delivery of hospital amenities had to be completed manually, causing hassle and delays.
Due to the server being down, the OPD and sample collection were done manually; however, the sampling system for people without a Unique Health Identification was impacted. According to a source, the patients were unable to self-register or make an appointment either online or on-site for a very long time. The cyber attack happens soon after AIIMS declared that by April 2023, all medical services would be completely digital.
AIIMS loses VIP data in a cyber attack; the attacker wants to speak
The authorities were unable to recover the data of thousands of patients, including VVIPs like Home Minister Amit Shah, former Prime Minister Manmohan Singh, and numerous diplomats, making AIIMS-Delhi a victim of a cyber attack for a second day. On Wednesday, the security lapse was discovered. top Home Ministry and IT Ministry sources claimed officials and technicians from the National Informatics Centre (NIC) worked through the night to thwart the ransomware attack that erased the medical records kept on the hospital’s primary and backup servers.
According to sources, the criminal has ordered the hospital to “prepare for negotiation” to obtain the email-held data. On the other hand, the government announced on Thursday that law enforcement organizations were looking into the cyber attack and helping AIIMS to reestablish digital patient care services.
“We anticipate being able to resume the impacted operations shortly.” According to a government statement, all regular and emergency health care services as well as lab tests are being managed manually. According to authorities, two staff members of the apex institute’s computer facility have been suspended for negligence. Additionally, an FIR was filed under several provisions of the IT Act.
Many patients who lined up at the departments for their consultation and follow-up were allegedly advised to return by the doctors. The institute has equally changed its discharge policy until the system is rectified. According to reports, the institution must pay for investigations and another standard test after patients are discharged, even though they are not kept in the general hospital.
According to sources, patients in private wards are instructed to claim their admissions deposit as soon as the e-hospital system is operational again. The e-hospital service, which oversees patient data management and routine patient care activities such as OPD registration, tests, smart lab, and billing, among others, was the target of the cyber attack, which was first discovered at 6:45 a.m. on Wednesday.
To stop hackers from breaking in further, the AIIMS administration has temporarily shut down WiFi and broadband internet services on campus, including in the dorms. Mobile Internet, however, continued to function. Until the system is fixed, the institute has changed its discharge policy.
Attack against AIIMS via cyberspace “from outside India”
Digital healthcare services at AIIMS in this city remained inoperable for the third day in a row as a result of a significant cyber attack the facility experienced earlier this week. Foreigners were reportedly watching the scope of the cyber attack, according to sources with knowledge of the incident. “The investigation is still in its early stages.”
We’re acting out the server hacking mode. However, the first results of the inquiry point to a cyber attack that originated outside of India. It might be a state actor or a syndicate. As a result, finding the perpetrators is taking a lot of time and money, a senior official said under the condition of anonymity.
The main and backup servers of AIIMS have been shut down as a result of the cyberattack, which was reported on Wednesday at 6:45 a.m. The e-hospital service was compromised by the attackers, who also took control of routine patient care tasks like OPD registrations, appointment scheduling, report generation (tests), smart lab, and billing.
To stop additional harm, National Informatics Center (NIC) personnel quickly isolated its second backup server. While four additional servers have been linked to the hospital’s network, experts are attempting to extract data from the e-hospital and lab information on external drives, according to hospital authorities. Official estimates indicate that the criminals have held over 4 crore patient profiles for ransom, including private information and sensitive medical records. It includes prominent politicians and dignitaries from other countries who sought treatment at AIIMS.
The cyber attacker has requested that the hospital “prepare for a negotiation” on the hostage data. A proton mail address has been left for communication with the institute. According to sources, an undisclosed demand has been made in cryptocurrency in exchange for a key that could decrypt the data. The ransomware cyberattack is the first of its kind to target a significant government healthcare institution.