The cyber attack at the All India Institute of Medical Sciences (AIIMS) originated from China and Hong Kong, preliminary investigations have revealed, government sources told businessline.

During the preliminary inquiry, investigators have been able to make a direct connection to China, said government sources privy to the investigations being carried out by multiple agencies. After unravelling the first layer of masking, the IP addresses were traced to two places — China’s Henan province and Hong Kong — sources added.

Five of the 100-odd servers installed at the computer centre of AIIMS’ e-hospital were affected, but the breach has now been contained and data retrieved, said sources. The affected servers were maintained by the NIC and were installed in the computer facility of AIIMS.

Of the 100 servers, 60 are virtual and 40 are physical ones. The Delhi police’s Intelligence Fusion & Strategic Operations unit had registered an FIR late last month under various sections of the IPC and IT Act, but it was during the forensic examination of the five infected servers that the China link emerged, masked in different layers of IP addresses, which is done to disguise the origin of the hack, said government sources.

The Delhi police had sought the help of the Central Forensic Science Laboratory (CFSL) for the examination of the infected servers, sources pointed out. It is learnt that the help of Interpol was sought through the CBI headquarters here in tracing the cyber attack, and now investigators are trying to unmask the second layer to get footprints of the hackers themselves. A probe is on to get a complete sense of the cyber attack, which had paralysed the e-hospital service of AIIMS for weeks, putting patients at inconvenience.

Businessline had earlier exposed that the AIIMS top brass knew from at least 2019 that their network was “old, complex, outdated” and “highly prone to data security risk”. Despite that, the virtual hospital administration architecture was not secured.

However, police have denied that there was any ransom demand.

Two of the analysts deployed to look after the servers’ security have also been suspended for the alleged breach of cyber security.

Every year, 38 lakh to 40 lakh patients are treated at AIIMS, including the country’s top leaders, politicians, bureaucrats, and famous personalities, among others.

Earlier this week, senior Congress leader and MP from Thiruvananthapuram, Shashi Tharoor, had also raised the issue of the cyber attack at AIIMS in Parliament and sought a thorough investigation. He had also urged adequate protection of citizens’ sensitive personal data.

He had raised it as a matter of urgent public importance in the Lok Sabha and pointed out that the origin, intent and extent of the attack remain unclear.

(Inputs from Abhishek Law)