India says Data retrieved after Delhi AIIMS cyber attack originated in China
The attack on the server of the All Indian Institute of Medical Sciences (AIIMS) originated in China, Indian officials from the ministry of health and family welfare said, details of lakhs of patients at the premier hospital has now been retrieved.
"The server attack was by the Chinese; the probe found that it originated from China," said a top source. "Of the 100 servers — 40 physical and 60 virtual — five physical servers were infiltrated by the hackers. The damage could have been far worse but is now contained. Data in the five servers has been successfully retrieved." NDTV reported.
AIIMS Delhi faced a cyber attack on 23 November, paralysing its servers. The Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on 25 November registered a case of extortion and cyber terrorism.
Keep updated, follow The Business Standard's Google news channel
Police have, however, denied reports that hackers asked for Rs 200 crore in cryptocurrency as ransom to restore the system.
The Indian Computer Emergency Response Team within the ministry of electronics and information technology, Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, Central Bureau of Investigation (CBI), National Forensic Sciences University, National Critical Information Infrastructure Protection Centre and NIA, among others, were investigating the cyber attack, reports Business Standard.
The issue came up in India Parliament two days ago, when senior Congress leader Shashi Tharoor called for a thorough investigation, and measures to ensure no repeat. "The origin, intent and extent of the attack remain unclear," the MP from Thiruvananthapuram had said in the Lok Sabha.
The possibility of this being a "hostile cross-border attack" is a grave concern, Mr Tharoor stressed.
"It also reflects the weak data protection safeguards in our country especially by government institutions," he further said, as per news agency PTI.
Citing the proposed law on personal data protection, he criticised the government for "doing away with" a special category of sensitive personal data, including health data, that required stringent safeguards as per the 2019 draft.
