AIIMS prepared a Battle Plan for Cyberattacks

Post Views: 272

Just two weeks ago, AIIMS was the target of a second cyber attack, but the hospital’s cyber security systems were able to successfully block this attempt.

Official Document, Business Standard

AIIMS in New Delhi is accelerating “a complete revamp” of its IT infrastructure, focusing on “improving legacy network and security operations centre” after experiencing two cyberattacks in the previous eight months.

‘After the recent (November 23, 2022) cyber incident, NIC (the National Informatics Centre) has been requested to develop the dashboard in eHospital.’ The incident on November 23 marked AIIMS’s first cyberattack.

‘A complete revamp of the IT infrastructure, which is in the pipeline, is being expedited with emphasis on improving legacy network and security operations centre.’ This was accomplished by implementing enhanced security features that could be applied immediately, such as network segmentation, endpoint hardening, and strong firewall policies, with the assistance of CERT-In (Indian Computer Emergency Response Team) and other organizations.

“This cyber incident was reported to the CERT-In, and an FIR with the special cell of the Delhi police was filed on November 24, 2023.” The special unit of the Delhi police has confiscated six infected physical servers for their inquiry.

After two weeks following the event, “most functions of the eHospital application, such as patient registration, appointment, admission, registration, etc., were restored.”

AIIMS

When questioned about the details of this ‘total redesign.’

AIIMS Spokesperson

“details are still under finalization.”

An internal dashboard at AIIMS has been used to provide data on the availability of emergency beds in real-time.

1,138 hospitals in New Delhi, including AIIMS, use the eHospital site as an online registration and hospital management system.

On November 23 of last year, when files on the NIC’s eHospital were discovered to be encrypted, AIIMS was the victim of its first cyberattack.

On the server, there was a message claiming it was a “ransomware attack.” This occurrence impacted the hospital’s activities for two weeks.

Just two weeks ago, AIIMS was the target of a second cyber attack, but the hospital’s cyber security systems were able to successfully block this attempt.

On June 6, AIIMS declared that “The eHospital services remain fully secure and are operating normally.”

This was the first time a cyber security issue of this nature occurred at AIIMS, New Delhi. The older network was unmanaged, and work was already underway to upgrade it. They said that older PCs were no longer receiving operating system updates and are now being replaced.

“After taking quick action, cyber security is improved further in collaboration with the relevant agencies.

For the continuation of business operations, the copies of the data are now secured on many servers.

The systems were promptly turned down and disconnected when the initial cyber incident happened at 7 am on November 23 to stop the infection from spreading.

They pointed out that the data for eHospital was restored on new servers after being recovered from an untouched backup server.

The hospital services during this interim two-week period were delivered in an offline/manual mode.

About The Author

Suraj Koli is a content specialist with expertise in Cybersecurity and B2B Domains. He has provided his skills for News4Hackers Blog and Craw Security. Moreover, he has written content for various sectors Business, Law, Food & Beverage, Entertainment, and many others. Koli established his center of the field in a very amazing scenario. Simply said, he started his career selling products, where he enhanced his skills in understanding the product and the point of view of clients from the customer’s perspective, which simplified his journey in the long run. It makes him an interesting personality among other writers. Currently, he is a regular writer at Craw Security.