New Delhi, December 2 (IANS): Chinese involvement is suspected in the hacking of the server of All India Institute of Medical Sciences (AIIMS) here, a top source said on Friday, adding that four more servers were on the hackers' target.
The source said that a total of five main servers of AIIMS were targeted by the suspected Chinese hackers. The data hacked from the AIIMS server has reportedly reached the main domain of Dark Web from where it may be sold.
Meanwhile, AIIMS is currently working on devising a cyber security policy with the guidance from investigating agencies, as its server remains down following the cyber attack on November 7.
Delhi Police said on Friday that the forensic images of the impacted server have been sent for analysis.
AIIMS administration and other agencies are in the process of restoring normal service.
On Tuesday, AIIMS had said that the eHospital data has been restored on its server and the network is being sanitised before services can be restored.
"Network being sanitised before services can be restored. The process is taking some time due to the volume of data and large number of servers/computers for the hospital services. Measures are being taken for cyber security," AIIMS had said in a statement.
However, all hospital services, including out-patient, in-patient, laboratories etc., continue to run on manual mode presently.
Meanwhile, the number of incoming patients visiting the hospital has significantly increased leading to a rush-like situation as people are visiting the hospital directly since online appointment is not working.
Minister of State for Electronics and IT Rajeev Chandrasekhar, while terming the AIIMS server attack as a big conspiracy, said that there could be a 'state actor' or big organised gangs behind it.
In an interview with IANS, Chandrasekhar claimed that the server attack was definitely a part of a larger conspiracy. He said that the Indian Computer Emergency Response Team (CERT), National Investigation Agency (NIA) and the Delhi Police are probing the matter.
He added that the government makes various arrangements to protect government institutions from cyber attacks, but AIIMS being an autonomous institution hires private agencies for the purpose.
The government is considering setting a standard to prevent such incidents which would be sent to institutions like AIIMS as an advisory, urging its implementation, he said.
Describing it as an issue of ransomware, the minister said that patients' data had not been leaked so far, but it has been made inaccessible from the hospital. He called it an issue of cyber security.
Chandrasekhar added that the government would bring a Digital Personal Data Protection Bill regarding data breach, after the implementation of which the victims in such cases would be able to complain about their data privacy breach by emailing the Data Protection Board.
