Government yet to come up with satisfactory answers on AIIMS server attack

According to Union Minister for State for Electronics and Information Technology, Rajeev Chandrasekhar, the attack was carried out by unknown threat actors

IANS New Delhi
Rajeev Chandrasekhar

Rajeev Chandrasekhar

Months after a massive cyber attack at the All India Institute of Medical Sciences (AIIMS) in Delhi, the government is yet to come up with a satisfactory answer as to what happened to the patient data that was encrypted and may have been exfiltrated by the hackers.


Sensitive data of 40 million patients, including political leaders and other VIPs, were potentially compromised in the hacking.

As per sources, the AIIMS server was hacked by the Chinese. The government has maintained that the services were restored and the patient data have been repopulated into the system, but the most important question is what happened to the compromised data? Did they make their way to the dark web?

Could non-state people have accessed it?

The attack was analysed by the Indian Computer Emergency Response Team (CERT-In) and was found to have been caused by improper network segmentation.

Also Read

Samsung's top 50 teams of innovation competition to be trained at IIT Delhi

FIH Men's Hockey World Cup 2023: Obstacles India will face on its home turf

Union Health Minister's permission needed for inviting dignitaries to AIIMS

Parliamentary panel recommends approval for AIIMS redevelopment master plan

One year since Tatas took over Air India, here's how the journey has been

Govt may auction six mineral blocks in February, to boost mining sector

Every 11 secs a company becomes a victim of ransomware attack: Pavan Duggal

India saw record transplants of over 15,000 organs in 2022: Health Secy

Chinese fraudsters out to defraud Indians using fake loan applications

Cyber security breaches are up multiple times as Internet penetration grows

According to Union Minister for State for Electronics and Information Technology, Rajeev Chandrasekhar, the attack was carried out by unknown threat actors.

In a written reply to the Parliament, the minister said that CERT-In and other stakeholders have advised necessary remedial measures to prevent such incidents from happening again in the future.

The number of cyber security incidents in India has been on the rise, with 4.5 million cases being reported and tracked in the last five years, Chandrasekhar said in his reply.

This highlights the need for organisations to have robust cyber security measures in place to protect their sensitive information.

Speaking to IANS, Pavan Duggal, the Founder and Chairman of International Commission on Cyber Security Law, said that the time has come to wake up post the AIIMS ransomware attack.

"It is time to come up with specific legal provisions to deal with ransomware. In America, they have actually now made it an offence when somebody pays a ransom, because it is said to be aiding the cyber criminal," said Duggal.

"Whenever a cyber crime takes place, often it's accompanied by a cyber security breach. So that means we cannot now look at them as distinctive silos, but as overlapping fields. And, therefore, legal frameworks are required and sensitising people about these newly-emerging avatars and manifestations of cyber crime are needed," said Duggal.

"Across the world, countries are roughly in a similar kind of position that India is, except that the challenges for India are far too huge. Most of the cyber criminal activities are being targeted on Indians," he added.



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

First Published: Feb 19 2023 | 4:50 PM IST

Explore News