Team of 5 from NFSU in Delhi, Health News, ET HealthWorld

AIIMS hacking: Team of 5 from NFSU in Delhi

After a ransomware attack on servers at All India Institute of Medical Sciences (AIIMS), Delhi, on November 23, a team from National Forensic Sciences University (NFSU) has been attached officially to the case on Monday.

A team of five experts from the university reached Delhi. Sources close to the development said that the team will be carrying out security assessment, data retrieval and strengthening of the firewall at the AIIMS.

The hackers have allegedly demanded Rs 200 crore in cryptocurrency to give the key to the authorities to decrypt the data as the system remained partially functional for the sixth consecutive day. According to media reports, it’s estimated that the medical records of lakhs of patients could have been compromised due to the attack.

Sources said that as AIIMS Delhi attends to scores of VIP and VVIP patients, their health data could be in danger of reaching the dark web. While scrutiny of various nodes and systems is going on, majority of the work is shifted to manual data entry. Apart from admitted patients, OPD, pharmacy and laboratories are also linked with the system.

“A team comprising cybercrime experts of various domains is sent to Delhi with specific purpose of assisting the agencies working on the case, finding the loophole, retrieval of all possible data and ensuring that such attacks do not take place again,” said sources.

Sunny Vaghela, a city-based cybercrime expert, said that recently Central Depository Services Ltd (CDSL) had also experienced data breach after which all the stock brokers are asked to strengthen their cybersecurity.

“First and foremost, the system should be upgraded with latest security patches to be saved from such attacks. Hackers often find loopholes in the existing system and exploit it which happens when the system is not up-to-date.

Second, the data should be backed up, preferably in cloud storage, so that the system doesn’t get paralyzed completely. Third, never pay the amount, as the decryption key is often not handed over even after the transaction,” he said.

Source link