AIIMS server attack: Here’s what the IT minister has to say – Times of India

The servers of All India Institute of Medical Sciences (AIIMS) are still not fully recovered from ransomware attack reported last week. While the Indian Computer Emergency Response Team (CERT), National Investigation Agency (NIA) and the Delhi Police are investigating the matter, Union Minister of State for Electronics and IT Rajeev Chandrasekhar said that the AIIMS server attack could be a big conspiracy by organised gangs.
Chandrasekhar said that the AIIMS server attack was definitely a part of a larger conspiracy and there could be a ‘state actor’ or big organised gangs behind it.
“It is clearly a conspiracy and it has been planned by forces that are pretty significant. It is a sophisticated ransomware attack. We will wait for the outcome of CERT and NIA before we come to a conclusion on who is behind the ransomware attack,” news agency PTI quoted Chandrasekhar as saying.
As per news agency IANS, the minister added that while the Centre makes various arrangements to protect government institutions from cyber attacks, AIIMS being an autonomous institution, hires private agencies for the purpose.
“This will not be the first ransomware attempt. It will not be the last. It is for these entities like they say in the context of terrorism, you have to be right all the time and they can be successful only one time, so we have to be on guard. We have to make sure that our systems and processes are safe and secure. Especially in the era of intensifying digitisation of our economy and of our businesses and activities,” Chandrasekhar added.
The government reportedly considered setting a standard to prevent such incidents which would be sent to institutions like AIIMS as an advisory, he said, adding that patients’ data had not been leaked so far, but it has been made inaccessible from the hospital.

Delhi Police launches investigation
Meanwhile, Delhi Police has launched an investigation into AIIMS server hacking. Citing official sources, news agency ANI reported that a team of the Central Forensic Lab (CFSL) has been asked to identify the source of the malware attack.
A joint team of CFSL Delhi and Ahmedabad is also trying to ascertain if the attack was initiated from outside the country. “The CFSL’s report is awaited, and the Delhi police will release an official statement only after the report,” sources said.
Multiple reports have claimed that the ransomware attack on the servers might have originated from China or Hong Kong. Delhi Police has not made any official statement on this.
The Intelligence Fusion and Strategic Operations (IFSO) unit of Delhi police has also initiated a parallel investigation, IFSO sources were quoted as saying.