DNA Exclusive: Big revelations in AIIMS cyber-attack case

The AIIMS administration is not ready to break its silence over the ransomware attack at AIIMS Delhi. The situation is so bad that it is not even clear whether the AIIMS servers have been freed from the clutches of hackers. However, it is being said that data is being recovered gradually, due to which an online OPD has been started. The AIIMS cyber-attack is being investigated by the Delhi Police, National Investigation Agency, CBI, and NIC.

In today’s DNA, Zee News’ Aditi Tyagi makes an analysis of the exclusive documents accessed by Zee Media in the AIIMS cyber-attack case.

As per these documents, the last transaction at the AIIMS server took place at 07:07 am on November 23. After some time, the server was hacked. The hackers had sent ransomware via two email IDs – dogA2398@protonmail.com and mouse63209@protonmail.com.

The preliminary investigation report also says that hacking the server was not at all a big task for the hackers. The report says that the AIIMS network switches were ‘mismanaged’, which resulted in the network not being updated.

Watch DNA to understand in detail the AIIMS cyber-attack case.

What is the AIIMS ransomware attack case?

According to PTI sources, the All India Institute of Medical Sciences, Delhi allegedly faced a cyber attack on November 23, paralysing its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25. The internet services were blocked as per the recommendations of the investigating agencies, the sources said.

CERT-In, Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, Central Bureau of Investigation, National Investigation Agency, etc. are investigating the incident.

The AIIMS authorities had said last week that the e-Hospital data had been restored on the servers. They said the network was being sanitised before the services could be restored.

The process was taking some time due to the volume of data and a large number of servers and computers. Measures are being taken for cyber security, the AIIMS had said.

Giving details of the entire incident, the official sources said that the National Informatics Centre (NIC) eHospital at the AIIMS uses 24 servers for various hospital modules and four of these servers — primary and secondary database servers of eHospital, primary application and primary database servers of laboratory information system (LIS) — were infected with ransomware.
