India's top medical institute AIIMS yet to recover from ransomware attack

India's top medical institute AIIMS yet to recover from ransomware attack
Image Credit: AIIMS

Investigators suspect North Korean or Chinese hackers for Nov 23 attack.

By on

All India Institute of Medical Science (AIIMS), one of the country’s largest public hospitals, is still reeling under a cyber attack on its servers which occurred on November 23. 

The attack has shut down the institution’s main and backup servers, affecting daily operations at the hospital including patient admission, appointments, report generation, smart lab, discharge and billing systems, among others.

The outage has resulted in long queues and errors in handling emergency cases.

The hospital last week said its server might have been subjected to a ransomware attack. However, the police have refuted claims alleging that hackers demanded 200 crore Indian rupees (S$33.6 million) in cryptocurrency as ransom. 

India’s National Informatics Centre (NIC) and National Investigation Agency are working with the Indian Computer Emergency Response Team (CERT-IN) to help in the organisation’s recovery. Law enforcement agencies like the Central Bureau of Investigation, Intelligence Bureau, Ministry of Home Affairs and Delhi Police are investigating the incident.

Latest media reports said the investigative agencies suspect the ransomware attack was of foreign origin, most likely from either North Korea or China. 

Some systems back online

The hospital has managed to restore e-Hospital data including Laboratory Information System (LIS) database and other dependent databases on its servers.

"The process is taking some time due to the volume of data and the large number of servers/computers for the hospital services. Measures are being taken for cyber security," AIIMS said in a statement. 

The institute, running with more than 2,500 beds, said it is now operating patient care services in the emergency, outpatient, inpatient and laboratory wings in manual mode with additional staff. The hospital authorities had directed doctors to use hand-written notes, including signing birth and death certificates as the systems remained inactive.

According to a media report, this attack might have exposed the hospital records of around 40 million patients. The database might have contained Personally Identifiable Information (PII)s of patients and healthcare workers including records of blood donors, ambulances, vaccination, caregivers and employee login credentials. 

The massive cyber attack incident was reported shortly after AIIMS announced it had fully implemented the e-hospital system, with the target to transition to a paperless mode in 2023.

The e-hospital platform hosted on the MeghRaj national cloud system will enable the digitisation of internal workflows, and processes, connecting patients, hospitals, and doctors. 

Commencing in April of next year, AIIMS had also announced moving to a completely digital payments mode. It has introduced a smart card payment facility in addition to UPI and card payments at all counters.

Analysts commented that it remains to be seen if the current cyber attack delays AIIMs digitisation plans.

To reach the editorial team on your feedback, story ideas and pitches, contact them here.
© iTnews Asia

Most Read Articles