According to the FIR, the cyber attack on AIIMS Delhi, which paralyzed the online services of Delhi’s largest medical institute, originated in China. Hackers breached five out of 40 physical servers, and data from all five servers has now been successfully retrieved, senior officials at India’s Ministry of Health and Family Welfare (MoHFW) said on Wednesday.
“The attack on the AIIMS Delhi server was carried out by the Chinese; the FIR details that the attack came from China. Out of 100 servers (40 physical and 60 virtual), five physical servers were successfully infiltrated by the hackers. The damage would have been far worse but is now contained. The data on the five servers has now been successfully retrieved,” a source at the Department of Health and Family Welfare (MoHFW) said.
AIIMS Delhi first reported an outage of its servers on November 23rd. Two of the analysts deployed to oversee the security of the servers have also been suspended for allegedly violating Internet security.
The AIIMS authorities said in a statement that the e-hospital data has been recovered.
“The eHospital data has been restored to the servers. The network will be cleaned up before services can be restored. The process takes some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are in place for cyber security,” they said. “All hospital services, including outpatient, inpatient, laboratory, etc., continue to run in manual mode,” the statement said.
Earlier this month, a special unit of the Delhi Police launched an investigation into the attack on the computer system of AIIMS Delhi.
According to official sources, a team from the Central Forensic Lab (CFSL) was tasked with scanning the infected server of AIIMS Delhi to identify the source of the malware attack.