AIIMS ransomware attack due to 'improper network segmentation': Govt in RS

New Delhi: The servers of the All India Institute of Medical Sciences (AIIMS) were compromised by unknown threat actors due to "improper network segmentation", the Government informed Rajya Sabha on Friday.

Sharing the information in a written reply, the Minister of State for Electronics and Information Technology Rajiv Chandrasekhar further stated that the issue caused "operational disruption" disruption due to the non-functionality of critical applications. He was responding to questions regarding the alleged hacking of the AIIMS server by ransomware asked by MP John Brittas.

The Minister further stated that upon being informed about the "cyber security incident" at AIIMS, the Indian Computer Emergency Response Team (CERT-In) evaluated the incident and advised necessary remedial measures.

Also Read: AIIMS Delhi server attack originated from China, say government sources; data from 5 servers safely retrieved

"The All India Institute of Medical Sciences (AIIMS) information and computer systems were managed by AIIMS themselves and upon being informed about cyber security incident by AIIMS, the Indian Computer Emergency Response Team (CERT-In) has done evaluation of the incident," stated the MoS.

He further stated that based on current analysis by concerned stakeholders, five servers of AIIMS were affected and approximately 1.3 Tera Bytes of data were encrypted.

The Union Minister stated that the Government has taken several measures to prevent such ransomware attacks. "On observing a ransomware incident, CERT-In notifies the affected organizations along with remedial actions to be taken, and coordinates incident response measures with affected organizations, service providers, respective sector regulators, and law enforcement agencies," he stated.

Chandrasekhar also said that a Cyber Crisis Management Plan for countering cyber-attacks and cyberterrorism has been formulated by CERT-In, for implementation by all Ministries and Departments of the Central Government, State Governments, and their organizations and critical sectors.

Speaking in the Lok Sabha on the same issue Minister of State for Health Bharati Pravin Pawar said that all the data has been retrieved from an unaffected backup server with most of its services also being restored.

She also said that no specific amount of ransom was demanded by the hackers though a message was discovered on the server that suggested it to be a cyber-attack. An FIR has been registered by the All India Institute of Medical Sciences with the Special Cell of Delhi Police, regarding the attack, the minister stated in a written reply.