Indian hospital hit with Bitcoin ransomware attack
Hackers demand ₹200 cr in crypto to restore the AIIMS-Delhi server after six days of shutdown.
Indian hospital cyber attackers demand Bitcoin ransom
Following the breach of the All India Institute of Medical Sciences (AIIMS) server, hackers have allegedly demanded an estimated ₹200 crore in cryptocurrency as ransom from the Delhi hospital. According to a recent report by Mint, a local financial newspaper, AIIMS’ server remains out of order for the sixth consecutive day.
According to Mint, the Indian Computer Emergency Response Team (CERT-IN), Delhi Police, and representatives of the Ministry of Home Affairs are currently investigating the ransomware attack. As per the current market price, the ₹200 crore ransom amount is worth $24.5 million. The situation was registered as a case of extortion and cyber terrorism by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25, 2022.
The AIIMS server breach
The All India Institute of Medical Sciences (AIIMS) announced an attack on its servers on the 22nd of this month. The server containing data of around 40 million patients was breached on Wednesday morning. According to AIIMS, patient care services in emergency, outpatient, inpatient, and laboratory wings are being managed manually as the server remains down.
Millions of data, including those of several VIPs, former prime ministers, ministers, bureaucrats, and judges stored on the server, are feared to have been breached in the hack. Currently, internet services have been blocked on computers at the hospital on the recommendations of the investigating agencies.
However, the NIC e-hospital database and application servers for e-hospital have been restored. The NIC team is scanning and cleaning infections from other e-hospital servers located at AIIMS, which are required to deliver hospital services. Also, Four physical servers arranged for restoring e-hospital services have been scanned and prepared for the databases and applications.
Crypto, ransomware, and cyber attackers
The AIIMS attack has been described as essentially a Ransomware hack. Ransomware is a malicious piece of software that paralyzes victims’ computers and demands payment to regain access to one’s files. Hackers typically target major corporations, hospitals, and universities. Sadly, AIIMS is not the first victim of ransomware fraud. In September 2020, a $4 million ransom was demanded from Argentina’s official immigration agency via a similar server breach.
Nonetheless, efforts are being made to restore the AIIMS network as sanitization is in progress. Also, antivirus solutions have been organized for servers and computers. It has been installed on nearly 1,200 out of 5,000 computers. Twenty of the 50 servers have been scanned, and this activity is ongoing 24×7.