Written by : Aishwarya Sarthe
June 9, 2023
AIIMS New Delhi recently faced another cyber attack, which was promptly detected and neutralized by the hospital's cyber-security systems. The attack, discovered at 2:50 PM on Tuesday, triggered a swift response to ensure the protection of the institution's systems and data.
In a tweet, the All India Institute of Medical Sciences, New Delhi confirmed the incident and announced that the malware attack had been successfully thwarted. They assured the public that their E-Hospital services remained fully secure and functioning normally. This incident comes after AIIMS New Delhi experienced a similar attack in November of the previous year, which resulted in a two-week disruption of hospital services related to registration, admission, and discharge.
AIIMS Delhi's initial server failure was reported on November 23, 2022. As a result, two analysts were suspended due to alleged breaches in cyber-security protocols related to server security.
Addressing the recent cyber attack, Union Minister Rajeev Chandrasekhar clarified that the E-Hospital application, which was reportedly targeted, is an internal system inaccessible to the general public. He stated that someone may have attempted to access the portal, triggering the security alert. The error messages associated with the incident have been rectified, and there was no actual cyber incident or breach. The minister's statement aimed to alleviate concerns and assure the public that the situation was under control.
However, it is important to note that in December of the previous year, a senior government source revealed that the cyber attack on AIIMS Delhi's computer servers was attributed to Chinese hackers. According to the source, out of the 100 servers at AIIMS, five physical servers were successfully infiltrated. Nevertheless, the impact was contained, and data from the affected servers was successfully retrieved. The source from the Ministry of Health and Family Welfare (MoHFW) further mentioned that the attack originated from China, as stated in the FIR (First Information Report) filed regarding the incident.
The cyber attacks on AIIMS Delhi's servers highlight the ongoing challenges and vulnerabilities faced by institutions, particularly in the healthcare sector, regarding cyber security. The potential risks include disruptions to critical healthcare services and the compromise of sensitive patient data.
To address these challenges, AIIMS Delhi and other healthcare institutions must strengthen their cyber-defense mechanisms and continuously update their security protocols. This involves investing in a robust cyber security infrastructure, conducting regular risk assessments, and implementing proactive measures to detect and prevent potential cyber threats.
Collaboration between healthcare organizations, law enforcement agencies, and cyber security experts is essential to enhance preparedness and response capabilities. Sharing best practices, conducting joint training programs, and fostering information exchange can significantly contribute to healthcare institutions' cyber security resilience.
Furthermore, government support and funding are vital to bolster medical institutions' cyber security infrastructure. Adequate resources should be allocated to enhance cyber security measures, conduct comprehensive audits, and promote awareness among healthcare professionals about cyber threats and the importance of adhering to security protocols.
International cooperation and coordination between cyber security agencies play a crucial role in addressing cross-border cybercrimes. Sharing intelligence, collaborating on investigations, and facilitating the extradition and prosecution of cybercriminals are necessary steps to ensure a comprehensive and effective response to cyber attacks targeting critical healthcare infrastructure.
In conclusion, the recent cyber attack on AIIMS New Delhi reminds healthcare institutions of persistent cyber security threats. While the prompt detection and neutralization of the attack reflect the hospital's preparedness, continuous efforts are needed to strengthen cyber security measures, enhance collaboration, and improve the overall resilience of the healthcare sector. By investing in robust defenses, implementing best practices, and fostering a proactive cyber security culture, healthcare organizations can better protect their systems, data, and, most importantly, the patients they serve.