AIIMS thwarts malware attack, no impact on patient services

New Delhi, June 6

India’s top tertiary care hospital, AIIMS New Delhi, on Tuesday thwarted a malware attack on its servers preventing any adverse impact on patient service or any loss of patient data.

“A malware attack was detected at 1450 hrs by the cyber-security systems in AIIMS, New Delhi. The attempt was successfully thwarted, and the threat was neutralised by the deployed cyber-security systems. The eHospital services remain to be fully secure and are functioning normally,” AIIMS said in a statement today.

Union Minister of State for Electronics & Technology Rajeev Chandrashekhar also said there was no cyber incident or breach in AIIMS server today.

This was the second attempt to destabilise the AIIMS servers. A similar malware attack in November last year had disrupted most of the functions and patient services which took two weeks to restore.

In November, five physical servers of AIIMS, New Delhi on which e-Hospital application of the National Informatics Centre was hosted, were affected.

No specific amount of ransom was demanded by hackers though a message was discovered on the server suggesting that it was a cyber-attack. All the data for eHospital had been retrieved from a backup server which was unaffected and restored on new servers.

In the previous attack, most functions of e-Hospital applications of AIIMS like patient registration, appointment, admission, discharge were down and were restored after two weeks of the cyber-attack.

Delhi police had also registered an FIR.

The National Nodal Agency for response to cyber security incidentsthe Indian Computer Emergency Response Team (CERT-In) had, after the November attack, strengthened AIIMS data security systems.

These included endpoint hardening, string firewall policies and network segmentation to secure all the data of the Institute.