NEW DELHI: Delhi Police on Thursday filed an FIR for cyber terrorism and extortion to begin probing the hacking of AIIMS servers by foreign-based players. Multiple probe agencies have been roped in to recover the systems. This is the most significant ransomware cyber attack on a reputed medical institution in recent times. Services are still down at AIIMS and it is running in manual mode.
The extortion amount has not been disclosed yet. The hackers have reportedly left a ProtonMail address through which AIIMS can contact them if it wants to recover its systems and decrypt its files, sources said. Prima facie, it appears that a weak firewall and outdated systems, along with a lack of cloud-based servers, made the bid, most probably by Chinese hackers, possible.
This is being considered a serious security breach as well because a majority of cabinet ministers and top politicians avail treatment at AIIMS. It is, however, unclear if any significant research or health data has been stolen as of now.
According to a Delhi Police spokesperson, an FIR was filed on Thursday in connection with the “computer incident” on the complaint of the security officer at AIIMS. “The FIR has been registered under 66F (cyber terrorism) and 66 (computer-related fraud) of the Information Technology Act and section 385 (extortion) at IFSO, special cell. The matter is being investigated,” said the spokesperson.