The attack on the computer server of All India Institute of Medical Sciences (AIIMS) in Delhi was carried out by Chinese hackers, a senior government source said on Wednesday adding that data in the five servers have been successfully retrieved now.
"AIIMS Delhi server attack was by the Chinese, FIR details that the attack had originated from China. Of 100 servers (40 physical and 60 virtual), five physical servers were successfully infiltrated by the hackers. The damage would have been far worse but is now contained. Data in the five servers have been successfully retrieved now," said the source from the Ministry of Health and Family Welfare (MoHFW) to news agency ANI.
The All India Institute of Medical Sciences, Delhi allegedly faced a cyber attack last month, paralysing its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25. Two of the analysts deployed to look after the servers' securities have also been suspended for the alleged breach of cyber security. In a ransomware attack, cybercriminals lock access to data or a device and promise to unlock it after they are paid the desired ransom.
AIIMS authorities in a statement issued stated that the e-Hospital data has been restored. "The eHospital data has been restored on the servers. The network is being sanitized before the services can be restored. The process is taking some time due to the volume of data and the large number of servers/computers for the hospital services. Measures are being taken for cyber security," they had said.
"All hospital services, including outpatient, in-patient, laboratories, etc continue to run on manual mode," the statement had said.
Earlier this month, a special cell of Delhi Police launched an investigation into the attack on the computer system at AIIMS Delhi.
According to official sources, a team of the Central Forensic Lab (CFSL) has been pressed into service to check the infected server of the AIIMS Delhi to identify the source of the malware attack.
"It is clearly a conspiracy and it has been planned by forces that are pretty significant. It is a sophisticated ransomware attack. We will wait for the outcome of CERTin and NIA (investigations) before we come to conclusion on who is behind the ransomware attack," Minister of State for IT Rajeev Chandrasekhar had said on December 2.
In a ransomware attack, cybercriminals lock access to data or a device and promise to unlock it after they are paid the desired ransom.
Catch all the Business News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.