AIIMS-Delhi working on cyber security policy as servers remain down

The AIIMS, Delhi is working on devising a cyber security policy for the hospital and other wings with guidance from investigating agencies, official sources said on Thursday, even as its servers remained down for the ninth day following a ransomware attack.

Recommendations have been sought from the investigating agencies, they said.

Besides, a chief information security officer (CISO) is being appointed on an ad hoc basis for emergency cyber security measures to be taken at the All India Institute of Medical Sciences (AIIMS) here to restart the eHospital services and prevent such incidents in the future.

The Indian Computer Emergency Response Team within the Ministry of Electronics and Information Technology, Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, Central Bureau of Investigation, National Forensic Sciences University, National Critical Information Infrastructure Protection Centre, and National Investigation Agency, etc. are investigating the cyber attack.

Meanwhile, internet services at the AIIMS continued to be blocked as per the recommendations of the investigating agencies.

Patient care services including outpatient, laboratory, inpatient and emergency, etc. are operating in manual mode.

On Tuesday, AIIMS authorities informed that the eHospital data has been restored on the servers. They said that the network is being sanitised before the services can be restored.

The process is taking some time due to the volume of data and large number of servers/computers for the hospital services. Measures are being taken for cyber security, the AIIMS had said in a statement issued on Tuesday.

A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25 in connection with the ransomware attack.