Date: 2022-12-18

AIIMS server attack: Cops seek details of China-based IP addresses from Interpol

After the All India Institute of Medical Sciences, Delhi faced a cyber attack on November 23, a case of extortion and cyber terrorism was registered by the Delhi Police.

The Delhi Police's Intelligence Fusion and Strategic Operations unit has written to CBI seeking details from Interpol about the IP addresses of email IDs from China and Hong Kong in connection with its probe into the AIIMS server attack case, officials said on Sunday, December 18. The Central Bureau of Investigation (CBI) is India's nodal agency for Interpol matters. According to sources, the attack on the servers of AIIMS-Delhi is suspected to have originated from locations in China and Hong Kong. Further details have been sought which can be obtained from companies in China and Hong Kong.

The All India Institute of Medical Sciences, Delhi faced the cyber attack on November 23, incapacitating its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25. Internet services were blocked as per the recommendations of the investigating agencies.

The Computer Emergency Response Team (CERT-In), Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, CBI and National Investigation Agency are investigating the incident. The attack affected the hospital's outpatient and inpatient digital services, including smart laboratory, billing, report generation and the appointment system.

Union Minister Rajeev Chandrasekhar said on Friday that as per the analysis of cyber security watchdog CERT-In and other stakeholders, five servers of AIIMS were affected by the cyber attack which led to the encryption of approximately 1.3 terabytes of data. The minister of state for electronics and IT, in a written reply in the Rajya Sabha, said that as per preliminary analysis, servers were compromised in the information technology network of AIIMS by unknown threat actors due to improper network segmentation, which caused operational disruption because of non-functionality of critical applications.

