Delhi AIIMS scrambles to keep OPD going on Day 3 of server outage

Updated on Nov 25, 2022 11:43 PM IST

Security agencies on Friday were still struggling to revive the system, resulting in the hospital administration releasing a “colour-coded form system” to segregate the patient load.

Ransomware operators typically demand a payment -- hence, ransom -- to provide the key to decrypt the files. This sort of an attack on AIIMS involves a malware that locks away access to files, crippling regular functioning. (HT Archive)

Two days after a suspected ransomware attack hit servers at the All India Institute of Medical Sciences (AIIMS), security agencies on Friday were still struggling to revive the system, resulting in the hospital administration releasing a “colour-coded form system” to segregate the patient load. The hospital has also directed heads of departments to deploy the maximum possible manpower to make up for delays due to the manual handling of administrative work.

In an office order issued on Friday, AIIMS medical superintendent Dr DK Sharma said, “We are all aware of the infelicitous software malware cyberattack on our eHospital system. It need not be overemphasised that the concerned government agencies and AIIMS administration are working hard to retrieve and restore the system’s functioning at the earliest.”

The order added, “With a view to avoid/ ameliorate any possible convenience to the large number of patients coming for OPD (outpatient departments) consultation and investigations, all chief(s) of centres and head(s) of clinical and diagnostic departments are requested to deploy additional manpower resources (faculty, residents, scientists, project staff, any other staff), irrespective of the unit etc., to the OPD and diagnostic areas to ensure that all patients coming to AIIMS to avail these services are duly attended to, with least possible waiting time or difficulty to the patients.”

Ransomware operators typically demand a payment -- hence, ransom -- to provide the key to decrypt the files. This sort of an attack involves a malware that locks away access to files, crippling regular functioning.

A common modus operandi for most ransomware operators is to threaten to leak the files to pressure their targets into paying up, which makes the AIIMS attack particularly concerning, experts said, since it involves medical records, some of the most private information about an individual.

This is the first instance of a major Indian hospital – in this case, the country’s most prominent government hospital that also treats high-ranking officials -- being affected by ransomware.

The primary and the first backup servers at AIIMS were corrupted at around 7am, in what was later found to be a ransomware attack. In an incident report sent by AIIMS medical director Dr M Srinivas to the union ministry of health and family welfare, the hospital said it first became aware of the cyber attack after receiving a call from the emergency lab, regarding the inability to view reports in the National Informatics Centre (NIC) laboratory system. Thereafter, similar reports were received from the billing section and other areas. At 8am, the outpatient department (OPD) counters also reported the same error.

The Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) cell filed a first information report (FIR) invoking sections of cyber terrorism (IT Act, section 66F) against unknown persons, while teams of the NIC and Computer Emergency Response Team (CERT-In) attempted to restore the network.

However, the servers were still down as of 10pm on Friday.

An official statement released by AIIMS said, “Investigation for the incident and efforts to bring back the digital patient care services are progressing. Actions to prevent such attacks are being planned. We hope to be able to restore the affected activities soon. All patient care services, including lab services, continue to be managed manually.”

Meanwhile, administrative work at AIIMS continued in manual mode, causing inordinate queues and chaos.

Many patients complained that they have been waiting for OPD and test appointments for the last three days, but there is no clarity as to when the systems will be revived.

“We took an appointment for a few tests for my son two months back, but when we reached yesterday, we were told that their server is down. None of the tests have happened. Even today, they told us that only emergency tests are happening. We have come from Lucknow and had no prior information about this,” said Sarita Mishra, an attendant.

A Delhi Police officer associated with the probe said, “Our initial probe has suggested that the hacker or hackers operate from outside India and exploited the weak security network of the AIIMS servers. The maintenance of the servers was not properly done, and the anti-virus softwares were quite weak. The hacker demanded money in cryptocurrency, but it’s not clear how much the extortion demand was.”

  • ABOUT THE AUTHOR

    Soumya Pillai covers environment and traffic in Delhi. A journalist for three years, she has grown up in and with Delhi, which is often reflected in the stories she does about life in the city. She also enjoys writing on social innovations.

  • ABOUT THE AUTHOR

    Karn Pratap Singh has been writing on crime, policing, and issues of safety in Delhi for almost a decade. He covers high-intensity spot news, including terror strikes, serial blasts and security threats in the national capital.
