AIIMS ransomware attack: Read the document government issued to officials in August – Times of India
In a circular dated August 16, concerned officials were directed to comply with cyber security policies issued by the Ministry of Home Affairs (MHA) and Ministry of Electronics and Information Technology (MeitY).
The circular was issued by the Computer Facility at AIIMS and has the subject line: “Compliance of security instructions provided under National Information Security Policies and guidelines issued by MHA in 2014 and cyber security policies issued by DeitY.”
Earlier this year, it was reported that AIIMS, Delhi decided to go paperless from January 1, 2023, and would implement an e-Hospital programme. The programme will have services like automated emails to doctors, ABHA IDs for all patients, doctor-specific OPD appointments, among others. To enforce the same, a demonstration of e-Hospital modules was also carried out on October 17 by the National Informatics Centre (NIC) team.
AIIMS server are still down
The server at AIIMS continues to be down since the hospital first reported the cyber attack on November 23. Internet services are still blocked and all hospital services, including outpatient, in-patient, laboratories, are running on manual mode. The services are likely to start this week.
AIIMS e-Hospital data restored
AIIMS has already issued a statement saying that the e-Hospital data has been restored. “The e-Hospital data has been restored on the servers. The network is being sanitised before the services can be restored. The process is taking some time due to the volume of data and the large number of servers/computers for the hospital services. Measures are being taken for cyber security,” the statement read.
Also Read: Safdarjung Hospital faces hacking attack, how it is different from AIIMS cyberattack and other details
Expert’s take on AIIMS cyberattack
As per ethical hacker and malware analyst Sunny Nehra, the ransomware variant used in AIIMS attack is similar to the new variants of top ransomwares “we find and thus hard to decrypt via the memory analysis or other methods.”
“I don’t think it [the data] is already being sold on darknet. But yes, there is a high chance it would be sold there sooner or later. The second backup not connected to the network was not infected and has been restored. To get all the data (which may not be in this second backup even), they will have to either buy the decryption key or buy the complete data itself,” Nehra added.
5G Cyber Scam Alert: How you can and cannot get 5G on your phone
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.