Cyberattack on top Indian hospital highlights security risk | Cybercrime News
The attack on AIIMS crippled operations because patients could not book appointments, doctors could not access medical records.
The leading hospital in India’s capital limped back to normal operations on Wednesday after a cyberattack crippled its operations for nearly two weeks.
Online patient registration resumed on Tuesday after the hospital was able to access its servers and recover lost data. The hospital has been working with federal authorities to restore the system and strengthen its defenses.
It is not clear who carried out the November 23 attack on the All India Institute of Medical Sciences or its origins. Hospital authorities did not respond to a request for comment.
The attack follows a series of failed attempts to attack India’s leading medical research organization, the Medical Research Council of India. This has further raised concerns about the vulnerability of the Indian health system to attacks at a time when the government is pushing for hospitals to digitize their records.
More than 173,000 hospitals have signed up for the federal program to digitize health records since the program’s launch in September 2021. The program assigns patient codes that are linked to medical information due to the disease. libraries stored on their own servers or in cloud-based storage. Experts have been concerned that hospitals may not have the expertise to ensure digital security.
“Digitalizing the entire healthcare system without really protecting it could kill the entire hospital. It suddenly stopped working,” said Srinivas Kodali, a researcher with the Free Software Movement of India.
That’s what happened to the hospital in New Delhi. Medical staff were unable to access patient reports because the servers storing laboratory data and patient records were hacked and corrupted.
Hospitals often treat thousands of people every day, many of whom travel from faraway places to receive affordable care. Always crowded, the queue at the hospital is even longer and more chaotic.
“The whole system was down because of the hack,” said Deep Ranjan, who arrived in New Delhi from the northeastern state of Assam. He said he had been in line for 5 days and still had not seen a doctor.
Sandeep Kumar, who is traveling with his ailing father, said the digital attack means appointments cannot be booked online and doctors can do little when they see patients because they cannot access their medical history.
“We are digitizing [everything]but then there was an attack on the country’s most important medical institute,” he said.
On November 30, there were multiple attempts to compromise the Indian Council of Medical Research’s website, but were ultimately unsuccessful, the Press Trust of India news agency reported.
KC Venugopal, a member of Parliament from the main opposition Congress party, said the attack on the hospital raised “serious questions about the country’s cybersecurity”.
Last month, India drafted a proposed law governing data privacy, but critics say the law offers few protections for citizens. It has not yet been passed by Congress.