Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims

Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims

SUMMARY

The premiere healthcare institute has been held at ransom by a purported ransomware attack which was detected on November 23

While internet services have been blocked on computers at AIIMS, a full sweep is currently underway of the institute’s servers, systems and the network

The matter is currently under investigation by a team comprising representatives from CERT-In, Delhi Police and the Ministry of Home Affairs

Update| November 29, 07:30 PM

News agency ANI, quoting Delhi Police, reported that no ransom demand has so far been made to AIIMS authorities.

In a statement, AIIMS also said, “The data restoration and server cleaning is in progress and is taking some time due to the volume of data and a large number of servers for the hospital services. Measures are being taken for cyber security.”

Original Story| November 28 , 11:21 PM

For the sixth consecutive day on Monday (November 28), servers at the All India Institute of Medical Services (AIIMS) Delhi remained out of order as hackers reportedly demanded approximately INR 200 Cr in cryptocurrencies.

Sources told news agency PTI that the hackers have remained adamant on the demand. The data of an estimated 3-4 Cr patients could have been compromised due to the breach. 

The premiere healthcare institute has been held at ransom by a purported ransomware attack which was detected on November 23. The attack has affected systems at the facility and has forced the administration to resort to manual management of emergency, outpatient, inpatient, and laboratory services.

A ransomware attack involves a malware software that encrypts files and denies access to the actual user. Generally, such cases involve cyberattackers demanding a ransom from the victims in return for a decryption key to enable the latter to gain access to their servers and files. 

The report, citing sources, said that the internet services have been blocked on computers at the hospital, while a full sweep is currently underway of the institute’s servers, systems and the network. So far, anti-virus solutions have also been deployed in nearly 1,200 out of 5,000 computers at the site while 20 out of 50 servers have been scanned for malicious elements. 

As per sources, this activity has been ongoing 24×7.

While the NIC (National Informatics Centre) e-hospital database and application servers for e-hospital have been restored, the NIC team is currently scanning and cleaning infection from other e-hospital servers located at AIIMS. 

Additionally, sanitisation of the AIIMS network is also currently underway and four physical servers have been arranged for restoring e-hospital services and for hosting databases and applications.

“The full sanitisation of the network is likely to continue for five more days. Thereafter, e-hospital services can be rolled out in a phased manner. Patient care services including emergency, outpatient, inpatient, laboratory, etc., services are being continued on manual mode,” a source was quoted as saying. 

The matter is currently under investigation by a team comprising representatives of Computer Emergency Response Team (CERT-In), Delhi Police and the Ministry of Home Affairs. 

The Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) wing also filed a case of extortion and cyber terrorism in the matter on November 25.

Reacting to the attack, cybersecurity software-as-a-service (SaaS) firm Indusface’s chief executive officer (CEO) and founder Ashish Tandon recently told Inc42, “To fulfil the dream of a digital healthcare ecosystem, it is time to revamp the way we approach cybersecurity currently, especially in terms of healthcare data.”

At stake are multiple things. The AIIMS servers also host the data of multiple VIPs including former prime ministers, ministers, bureaucrats and judges. This could jeopardise national security and has raised alarm across the ministries.

Interestingly, the ransomware attack came a month prior to AIIMS announcing that it would go paperless from January 1, 2023, and would fully digitise its services by April 2023.

Increasing Cyberattacks 

This follows a volley of such cyberattacks on critical Indian installations. Earlier this month, the Central Depository Services Limited (CDSL) went offline after it detected malware in a few of its internal machines.

Cyberattackers earlier this year broke into Oil India Limited (OIL) and demanded $75,00,000 in Bitcoin as ransom. While many major Indian institutions have been hit in such attacks, these intrusions have especially been pronounced in the health sector. 

As per Google, the country saw 18 Mn cyberattacks and 2 Lakh threats per day in the first quarter of 2022. According to cybersecurity startup CloudSEK, India saw the second highest number of attacks in the world on the healthcare industry last year. 

Attempts have also been made, in the recent past, to hack into homegrown healthcare firms such as Serum Institute of India (SII), Bharat Biotech, Dr Reddy’s Labs and Abbott India, largely by state actors and hacker groups from Russia, China, and North Korea.

Despite multiple attacks on critical government installations in the past few months, the government is yet to get a grip on the growing number of incidents. In the absence of a strong firewall around government data, the websites are still open to vulnerabilities which allows malicious actors to exploit such loopholes. 

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims-Inc42 Media
Hackers Demand INR 200 Cr Crypto Ransom From AIIMS, Delhi Police Refutes Claims-Inc42 Media
You’re in Good company