AIIMS servers afflicted by suspected cyberattack, central agencies reach to find remedy

India’s premier medical institute AIIMS in Delhi has been hit by what is suspected to be a major cyberattack. Central cyber agencies along with other intelligence units have rushed to the institute.

The matter has also escalated to the union ministry of home affairs, sources said. The system is completely dead and agencies are in the process of reviving it, they added. The suspected attack has hampered the patient care system and a complaint has been lodged with Delhi police, say reports. Sources also said that senior officials of AIIMS have reached out to top levels of the government, suspecting it to be a major cyberattack, but the exact level of damage is still unknown.

“Cyber security incident at AIIMS, New Delhi. Today the server for National Informatics Centre’s eHospital being used at AIIMS, New Delhi was down due to which outpatient and inpatient digital hospital services including, smart lab, billing, report generation, appointment system etc., have been affected,” AIIMS said in a statement. “All these services are running on manual mode currently.

The National Informatics Centre (NIC) team working at AIIMS has informed that this may be ransomware attack which is being reported to and will be investigated by appropriate law enforcement authorities. Measures are being taken to restore the digital services and support is being sought from Indian Computer Emergency Response Team (CERT-In) and National Informatics Centre (NIC). AIIMS and NIC will take due precaution to prevent future such attacks. As of 7.30 PM, the hospital services are running on manual mode.”

Sources said that the cyberattack was on the system on which the patient care system is based. Other internet services are working but billing, and appointments have been affected. As per the ministry of home affairs, to strengthen the mechanism to deal with cybercrimes in a comprehensive and coordinated manner, the MHA has provided financial assistance to all the states and union territories under the Cyber Crime Prevention against Women & Children (CCPWC) scheme to support their efforts for setting up of cyber forensic-cum-training laboratories, training, and hiring of junior cyber consultants.

Cyber forensic-cum-training laboratories have been commissioned in 28 states. The central government has taken steps for “spreading awareness about cybercrimes, issuance of alerts/advisories, capacity building/training of law enforcement personnel/prosecutors/judicial officers, improving cyber forensic facilities, etc”.

The government has established the Indian Cyber Crime Coordination Centre (I4C) to provide a framework and ecosystem for law enforcement agencies to deal with cybercrimes in a comprehensive and coordinated manner. Joint Cyber Coordination Teams have been constituted for seven regions at Mewat, Jamtara, Ahmedabad, Hyderabad, Chandigarh, Visakhapatnam, and Guwahati under the I4C to address the issue of jurisdictional complexity, based upon cybercrime hotspots/ areas, by on-boarding all the states/UTs to provide a robust coordination framework to the LEAs