(TibetanReview.net, Dec03’22) – The ransomware cyberattack that crippled the online management system of the All India Institute of Medical Sciences (AIIMS) in New Delhi involved China-based hackers including possibly “a foreign state actor”, reported the indianexpress.com and the timesofindia.com Dec 3, citing preliminary investigation.
The cyber incident that took place last month had brought the online management system of the institute to a halt, and raised concerns over the data of crores of patients being compromised, including that of high-profile political personalities.
“The origin of the cyberattack is from outside of India, and the initial investigation by Cert-In (Indian Computer Emergency Response Team, the country’s premier cybersecurity agency) points to the possibility of the involvement of a foreign state actor,” the indianexpress.com quoted a senior government official as saying.
The cyberattack happened at 2.43 pm on Nov 23, when hackers gained access to around five servers of AIIMS and encrypted the data residing in them. “Once they encrypted the data on the infected servers, it meant that AIIMS no longer had access to it,” the unnamed official said.
The report said the incident marked one of the most high-profile data breaches targeting a government-backed entity in the country. The exploited databases were stated to contain personally identifiable information of patients and healthcare workers, as well as administrative records on blood donors, ambulances, vaccination and caregivers, and employee log-in credentials. The records of nearly 3-4 crore patients are suspected to have been compromised.
The probe also suggests that the hackers may have started putting the data for sale on the dark web as their demands were not met, the timesofindia.com report cited its source as saying.
Investigation has confirmed that five main servers were targeted by the Chinese hackers, who subsequently put the data on the dark web, the report said.
On reports that a ransom of Rs 200 crore in cryptocurrency had been demanded by the hackers, Delhi Police had given a cryptic statement that no ransom demand had been brought to their notice by AIIMS. Delhi Police, however, has filed an FIR of extortion and cyber terrorism on the complaint of an AIIMS security officer, the report added.