Cybercriminals, who hacked into the digital services of All India Institute of Medical Sciences (AIIMS) and allegedly compromised the data of scores of patients, have reportedly asked an estimated amount of Rs 200 crore in cryptocurrency as the servers of the country’s premier institution remained down for the sixth consecutive day.
“Hackers have allegedly demanded around Rs 200 crore in cryptocurrency,” PTI cited a source as saying.As per a report by the news agency, there are fears that the data of around 3-4 crore patients could have been compromised due to the breach that was first reported on Wednesday (November 23) last week.
The AIIMS server has data of several VIPs, including former prime ministers, ministers, bureaucrats and judges.
Some services restored
Meanwhile, the National Information Centre (NIC) e-hospital database and application servers for e-hospital have been restored.The team is also scanning and cleaning infection from other e-hospital servers that are required for delivery of hospital services, an official source was cited as saying.
Furthermore, four physical servers arranged for restoring e-hospital services have been scanned and prepared for the databases and applications, the PTI report mentions.
Since the digital services were down, basic services such as patient admission, transfers, and laboratory works, among others, have been done manually at AIIMS.Last week, the working committee instructed the hospital staff to prepare death/birth certificates manually.
Sanitisation in progress
AIIMS network is also being sanitised and antivirus solutions have reportedly been arranged for servers and computers.
The software has been installed on nearly 1,200 out of 5,000 computers and 20 out of 50 servers have been scanned.
“The full sanitisation of the network is likely to continue for five more days.Thereafter, e-hospital services can be rolled out in a phased manner.Patient care services including emergency, outpatient, inpatient,laboratory etc services are being continued on manual mode,” the source was quoted as saying.
Read Also AIIMS server down: Chinese hackers suspected; services moved to manual mode and other details AIIMS Delhi Server Down: “Prima facie, it appears that a weak firewall and outdated systems apart from lack of cloud-based servers made the bid, most probably by Chinese hackers possible,” say officials.Information on whether any significant research or health data has been stolen is not yet
Read Also AIIMS hit by ransomware attack: What does ransomware mean, how dangerous it is and other details The basic idea of a ransomware attack is to make the victim shell out some money, but paying money does not mean you would get the data stolen.
As per the Sophos State of Ransomware 2021 report, around 92 per cent of organisations do not get all of the lost data back, and those who get it can not
Cert-In, police probing attack
The India Computer Emergency Response Team (CERT-IN), Delhi Police and representatives of the Ministry of Home Affairs are investigating the ransomware attack.The police filed an FIR on November 25 under 66F (cyber terrorism) and 66 (computer related fraud) of the Information Technology Act and section 385 (extortion) at IFSO, special cell.
It was reported that there is a possibility that Chinese hackers are behind the attack.
A weak firewall and outdated systems apart from lack of cloud-based servers are likely the reasons for the ransomware attack.
Ransomware attack is a type of cyber hacking in which a cyberattacker deployed ransomware or malicious software in the victim’s systems that encrypts the data.The attacker then asks for a “ransom” to restore access for the victim..
