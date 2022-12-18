Nearly a month after the November 23 cyberattack on the servers of the All India Institute of Medical Sciences (AIIMS) crippled digital services at the hospital and risked patient and research data, the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police has sought information from the Central Bureau of Investigation (CBI) on Chinese hackers through the Interpol.

The CBI is the nodal agency for contact with Interpol, and deputy commissioner of police (IFSO) Prashant Priya Gautam said Delhi police seeks information from the central agency whenever the internet protocol (IP) addresses used by cybercriminals are found to belong to other countries.

“It is a routine affair. We have requested the central agency to provide information that whether the IP addresses of the email IDs from Henan and Hong Kong in China, were used to launch the cyberattack. We are also looking for information on whether those IP addresses were used by a company or by an individual, and about the companies providing internet there,” Gautam said.

The DCP said the information has been sought to determine the timing of the cyberattack and the location from where the encryption was made. “It will help us decode the matrix of the cyberattack and who was chief of hackers. It is very much like getting a dead body from the scene of crime. What we need is to catch the accused now,” he said.

Another officer aware of the matter, on condition of anonymity said, “It has been found in the investigation so far that the cybercriminals hacked the digital services of AIIMS and compromised the data of thousands of patients and paralysed its servers. Out of 40 physical servers, five were hacked. As soon as it came to our notice, we retrieved the data from an unaffected backup server and restored the services.”

Union minister of state for health and family welfare, Bharati Pravin, told Parliament on Friday that the hackers who attacked the AIIMS servers with ransomware did not demand any specific ransom amount. Responding to a question seeking details of the cyberattack, Pravin said, “No specific amount of ransom was demanded by the hackers though a message was discovered on the server suggesting that it was a cyber attack.”

The minister also said all the data of the hospital’s eHospital network has been retrieved from a backup server.