AIIMS cyber attack puts digital health ID plan under scanner
NEW DELHI : The ransomware attack on the All India Institute of Medical Sciences (AIIMS), Delhi has brought the government’s Ayushman Bharat Digital Mission (ABDM) under the scanner, with the country’s premier teaching hospital promoting the use of Ayushman Bharat Health Account (ABHA) ID for out-patients registration of new and follow-up cases.
The Indian Computer Emergency Response Team (CERT-In) is conducting assessment and testing of ABDM services and other networks at the medical institute.
AIIMS on 23 November said it had come under a cyber attack and that an FIR had been filed with the Delhi Police.
On Friday Dr Bharati Pravin Pawar, union minister of state for health told the Lok Sabha the national nodal agency for responding to cyber security incidents, CERT-In, has empaneled information security auditing organizations for auditing. This includes “vulnerability assessment and penetration testing of the computer systems, networks and applications involving public service delivery including ABDM.”
“Immediate measures were taken by AIIMS, Delhi to enhance the security like endpoint hardening, string firewall policies and network segmentation to secure all the data of the institute.”
Pawar added that five physical servers of AIIMS, New Delhi, which hosted the e-hospital app of NIC, were affected.
“No specific amount of ransom was demanded by the hackers though a message was discovered on the server suggesting that it was a cyber-attack. All the data for e-Hospital has been retrieved from a backup server which was unaffected and restored on new servers,” she said.
