Union Minister Rajeev Chandrasekhar on Friday, December 16, said as per the analysis of cyber security watchdog CERT-In and other stakeholders, five servers of AIIMS were affected by a recent cyber attack which led to encryption of approximately 1.3 terabytes of data.
The minister of state for electronics and IT, in a written reply in the Rajya Sabha, said the information and computer systems at the All India Institute of Medical Sciences (AIIMS) were managed by the institute itself. Upon being informed about the cyber security incident by AIIMS, the Indian Computer Emergency Response Team (CERT-In) evaluated the case.
The minister said as per preliminary analysis, servers were compromised in the information technology network of AIIMS by unknown threat actors due to improper network segmentation, which caused operational disruption because of non-functionality of critical applications.
"CERT-In and other stakeholder entities have advised necessary remedial measures. Based on current analysis by concerned stakeholders, 5 servers of AIIMS were affected and approximately 1.3 Tera Bytes of data was encrypted," Chandrasekhar said.
The All India Institute of Medical Sciences, Delhi allegedly faced a cyber attack on November 23, paralysing its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.
Minister of State for Health Bharati Pravin informed the Lok Sabha on Friday that all the data has been retrieved from an unaffected backup server with most of its services also being restored.
More than two weeks after the AIIMS cyber attack, Minister of State for Health Bharati Pravin informed the Lok Sabha on Friday that all the data has been retrieved from an unaffected backup server with most of its services also being restored.
Responding to a question, Pawar said no specific amount of ransom was demanded by the hackers though a message was discovered on the server that suggested it to be a cyber attack.
An FIR has been registered by the All India Institute of Medical Sciences with the Special Cell of Delhi Police, regarding the attack, the minister said in her written reply.
Five physical servers of AIIMS Delhi on which the e-Hospital application of the National Informatics Centre (NIC) was hosted, were affected. All the data for the e-Hospital has been retrieved from a backup server which was unaffected and restored on new servers.
"Most of the functions of e-Hospital applications like patient registration, appointment, admission, discharge, etc. have been restored after two weeks of the cyber attack," Pawar said in the written reply.
The National Nodal Agency for responding to cyber security incidents -- Indian Computer Emergency Response Team (CERT-In) has "Empanelled Information Security Auditing Organisations" for auditing including vulnerability assessment and penetration testing of the computer systems, networks and applications involving public service delivery including Ayushman Bharat Digital Mission (ABDM).
Immediate measures were taken by AIIMS to enhance security like endpoint hardening, string firewall policies and network segmentation to secure all the data of the Institute, the minister stated.