Delhi AIIMS Cyberattack: Two system analysts suspended over alleged dereliction of duty

New Delhi: As the servers of the premier health institute, the All India Institute of Medical Sciences (AIIMS), New Delhi have been out of order for over a week now, the hospital authorities informed that the e-Hospital data has been restored on the servers. Meanwhile, two system analysts were suspended by AIIMS on Monday after being served show-cause notices for alleged dereliction of duty.

The network is being sanitised before the services can be restored as all hospital services, including outpatient, in-patient, laboratories, continue to run on manual mode. "The process is taking some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are being taken for cyber security," a statement issued by the All India Institute of Medical Sciences (AIIMS) said.

After certain sections of the media stated that hackers have allegedly demanded an estimated Rs 200 crore in cryptocurrency. Delhi Police told ANI, "In the AIIMS Delhi computer incident, no ransom demand as being quoted by certain sections of the media, has been brought to notice by AIIMS authorities."

Also Read:AIIMS Delhi seeks action taken report within 7 days on orders issued by Director

A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.

Meanwhile, two system analysts were suspended by AIIMS on Monday after being served show-cause notices for alleged dereliction of duty.

Medical Dialogues team had earlier reported that on Wednesday, AIIMS reported a failure in its server. The server has been down since 7 am on Wednesday, and the officials had been manually managing the OPD and sample collection.

Amid the second shut down of e-hospital server for over 40 hours, AIIMS issued a fresh set of Standard Operating Procedures (SOP) which says admission, discharge and transfer of patients will be done manually at the hospital till the E-Hospital is down.

Official sources said Internet services in the hospital are blocked as per the recommendations of the investigating agencies.

According to the official sources, the NIC e-Hospital at AIIMS is using 24 servers for various hospital modules and four of these servers were infected with ransomware –primary and secondary database servers of e-Hospital, and primary application and primary database servers of Laboratory Information System (LIS).

Later, ransomware was also found in the elastic search virtual server. 1.4. All infected servers were isolated, they said.

Four new physical servers were arranged, including two from external agencies, for restoring e-Hospital applications. The databases were restored on these four servers which have been scanned and the data is accessible. Another four servers of NIC applications were scanned. Of these, viruses were found in two servers, they said.

"AIIMS has around 40 physical and 100 virtual servers. Five have shown signs of virus. These servers are also being set up for scanning and new servers with updated configurations are being purchased as most servers at AIIMS were end of life/end of support," the source said.

Sources said the five servers hosted data of approximately 3-4 crore patients, but added that reports of patient data being stolen had "no factual basis", reports The Indian Express.

The antivirus has been manually installed on nearly 2,400 computers, the source said.

The CERT-In, Delhi cybercrime special cell, the Indian Cybercrime Coordination Centre, the Intelligence Bureau, Central Bureau of Investigation, National Investigation Agency, among others, are investigating the ransomware incident.

"Declaring AIIMS as a critical IT infrastructure for cyber security monitoring was discussed with the National Critical Information Infrastructure Protection Centre (NCIIPC) in a meeting held on Tuesday as AIIMS has very sensitive data. This will allow regular monitoring of cyber threats by various agencies," the official source added.

Also Read:AIIMS issues fresh guidelines for manual admission as e-Hospital server down