The All India Institute of Medical Sciences was the victim of a cyberattack on the morning of November 23. Digital hospital functions such as smart lab, billing, report production, appointment scheduling, etc., were disrupted, according to the management of this prestigious medical institution, and they blamed a ransomware attack. (1)
Ransomware is malicious software that encrypts users' data and then demands a ransom to unlock it. Cybercriminals force businesses into a corner where the only way out is to pay up by locking files with encryption and demanding a ransom to
The attack, which has all the hallmarks of a serious one, occurred less than a month after AIIMS declared that it would go completely paperless on January 1, 2023, and would be fully digitized by April of that year.
The administration of AIIMS announced the switch to manual mode for all services in a statement released on November 23.
"There was an outage today at AIIMS in New Delhi, which uses a server hosted by the National Informatics Centre (NIC). Outpatient and inpatient digital hospital services such as smart lab, billing, report production, appointment booking, etc., have been impacted. At present, all these services are being operated by hand," the announcement read.
Law enforcement is looking into what may be a ransomware attack, as reported by AIIMS's Network Infrastructure Protection team. The Indian Computer Emergency Response Team (CERT-In) and the National Informatics Centre (NIC) are being contacted to help restore digital services. The statement said, "AIIMS and NIC will take appropriate measures to prevent future attacks of this nature."
By 2021, CloudSEK, a cyber security intelligence organization, predicted that 7.7 percent of all healthcare cyberattacks would occur in India. This would make the country the second most targeted country in the world. CloudSEK is one of the companies that provide CERT-In, India's cybersecurity authority, with information about cyber threats.
The analysis found that, second only to the United States, India saw 7.7 percent of all attacks on the healthcare business in 2021. More than 71 lakh healthcare records were reportedly compromised in the cyberattack on India's healthcare sector.
Signs of trouble
Cisco India, CrowdStrike, Cyware, and Sophos India, among others, warned of the potential for assaults on the healthcare industry during the pandemic, with consequences for telehealth, teleconsultations, telemedicine, wearables, and electronic mail.
In March 2021, Cyfirma, a Goldman Sachs-backed Singaporean threat intelligence firm, reported that Russian, Chinese, and North Korean hacker groups had targeted several Indian pharmaceutical companies and hospitals to steal sensitive information about vaccine research and trials. These companies and hospitals included the Serum Institute, Bharat Biotech, Dr. Reddy's Labs, Abbott India, Patanjali, and AIIMS.
Seven Russian, four Chinese, three North Korean, and one Iranian hacking campaign were found by Cyfirma, for a total of fifteen.
While this was happening, Indusface, a TCGF II (Tata Capital) financed SaaS security solution, said that its worldwide healthcare clients were subject to well over a million cyberattacks of varying severity. India was the target of 278,000 of these strikes.
In the first four months of 2022, cyberattacks on the healthcare sector worldwide increased by 95.35% compared to the same period in 2021. The epidemic has accelerated the healthcare sector's transition to digital optimization and the cloud. However, this puts it at more risk and makes it more susceptible.