Sign in

India must learn from the AIIMS cyberattack

Sunday was the fifth straight day that the All India Institute of Medical Sciences (AIIMS) in Delhi was offline after a cyberattack

Updated on: Nov 27, 2022, 20:22:23 IST
By
Share
Share via
  • facebook
  • twitter
  • linkedin
  • whatsapp
Copy link
  • copy link

Sunday was the fifth day that the All India Institute of Medical Sciences (AIIMS) in Delhi was offline after a cyberattack. For a facility that processes 6,000 patients a day on average, registrations, test reporting and billings are now being done on paper. Visitors, many from faraway towns and villages, speak of confusion, queues and long delays. Behind closed doors, some of the government’s top agencies – Delhi Police’s cyber cell, the Computer Emergency Response Team, National Informatics Centre — struggle to restore the network. Causing this havoc is ransomware (computer code) that has locked away AIIMS’ data with an impossible-to-crack cryptographic key. This key is held by an attacker whose identity and motives are unknown to the public. But if the convention is any indicator, the objective is to extort as hefty a ransom as AIIMS can pay.

File photo of AIIMS Delhi. (Mohd Zakir/HT Photo)
File photo of AIIMS Delhi. (Mohd Zakir/HT Photo)

Signs of the worst that could happen now may have been portended by developments in Australia this month: Ransomware operators began releasing in tranches 9.7 million medical records hacked from Medibank, the country’s largest health insurer after the ransom demand was not met. Targets such as Medibank and AIIMS are not just valuable for the money they can cough up; they also have medical records and personal information of millions of people, including government functionaries. Leaks of such nature have tremendous espionage value, and are thus a national security risk. It is no surprise then that the incident at AIIMS is being probed for cyberterrorism. For years, experts have called on India to roll out a national strategy that would force organisations to arm themselves against the sort of attack that AIIMS has fallen victim to. The developments of last week are a disconcerting reminder of how costly red tape can be when it comes to cybersecurity.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away! -Login Now!