AIIMS Ransomware Attack Conspiracy Planned By Significant Forces: Rajeev Chandrasekhar

Minister of State for Electronics and Information Technology Rajeev Chandrasekhar has termed the ransomware attack on servers of AIIMS a conspiracy planned by significant forces. 

“It is clearly a conspiracy and it has been planned by forces that are pretty significant. It is a sophisticated ransomware attack. We will wait for the outcome of CERT-In (Computer Emergency Response Team) and NIA (National Investigation Agency) before we come to (a) conclusion on who is behind the ransomware attack,” Chandrasekhar was quoted as saying by news agency PTI.

The comments came on a day when AIIMS servers continued to remain out of bounds for authorities for the tenth consecutive day.

Chandrasekhar also said that the government has to be on guard against such attacks. He added that the authorities are looking to ensure that the systems and processes are safe and secure, especially in the era of intensifying digitisation of the economy and businesses. 

Earlier, reports also said that the hackers have demanded approximately INR 200 Cr in cryptocurrencies from AIIMS authorities. However, Delhi Police denied any such demand.

In a ransomware attack, the malicious actors infect the target system with a malware software that encrypts files and denies access to the actual user. In many such instances, attackers demand a ransom from the victims in return for a decryption key.

The attack on AIIMS is currently under a multi-agency probe involving CERT-In, Intelligence Bureau, NIA, Central Bureau of Investigation, National Forensic Sciences University, National Critical Information Infrastructure Protection Centre, Delhi Police, among others.

Meanwhile, patient care services including emergency outpatient, laboratory and inpatient continue to operate in manual mode. On the other hand, internet services are yet to be restored at the premier institute owing to the recommendations of investigating agencies. 

Earlier on Tuesday, officials said that the AIIMS network was being sanitised at full pace before the services could be rolled out. Additionally, the institute also noted that the process was taking a long time owing to the large volume of data and a large number of servers as well as computers deployed for the hospital services. 

It is pertinent to note that the Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) wing filed a case of extortion and cyber terrorism in the matter on November 25.

The government’s apprehensions about the cyberattack are not misplaced. Multiple Indian agencies have been hit by such attacks in the recent past, including Central Depository Services Limited (CDSL), National Informatics Centre (NIC), and Oil India Limited (OIL). 

Besides, attempts have also been reportedly made at other homegrown firms such as Serum Institute of India (SII), Bharat Biotech and Dr Reddy’s Labs by state actors and hacker groups from Russia, China, and North Korea.

India witnessed 18 Mn cyberattacks and 2 Lakh threats per day in the first quarter of 2022, as per a senior Google executive. 

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.