Months after a massive cyber attack at the All India Institute of Medical Sciences (AIIMS) in Delhi, the government is yet to come up with a satisfactory answer as to what happened to the patient data that was encrypted and may have been exfiltrated by the hackers.
Sensitive data of 40 million patients, including political leaders and other VIPs, were potentially compromised in the hacking.
As per sources, the AIIMS server was hacked by the Chinese. The government has maintained that the services were restored and the patient data have been repopulated into the system, but the most important question is what happened to the compromised data? Did they make their way to the dark web?
Could non-state people have accessed it?
The attack was analysed by the Indian Computer Emergency Response Team (CERT-In) and was found to have been caused by improper network segmentation.
According to Union Minister for State for Electronics and Information Technology, Rajeev Chandrasekhar, the attack was carried out by unknown threat actors.
In a written reply to the Parliament, the minister said that CERT-In and other stakeholders have advised necessary remedial measures to prevent such incidents from happening again in the future.
The number of cyber security incidents in India has been on the rise, with 4.5 million cases being reported and tracked in the last five years, Chandrasekhar said in his reply.
This highlights the need for organisations to have robust cyber security measures in place to protect their sensitive information.
Speaking to IANS, Pavan Duggal, the Founder and Chairman of International Commission on Cyber Security Law, said that the time has come to wake up post the AIIMS ransomware attack.
"It is time to come up with specific legal provisions to deal with ransomware. In America, they have actually now made it an offence when somebody pays a ransom, because it is said to be aiding the cyber criminal," said Duggal.
"Whenever a cyber crime takes place, often it's accompanied by a cyber security breach. So that means we cannot now look at them as distinctive silos, but as overlapping fields. And, therefore, legal frameworks are required and sensitising people about these newly-emerging avatars and manifestations of cyber crime are needed," said Duggal.
"Across the world, countries are roughly in a similar kind of position that India is, except that the challenges for India are far too huge. Most of the cyber criminal activities are being targeted on Indians," he added.
--IANS
ssh/arm
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve hit your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Quarterly Starter
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Access to Exclusive Premium Stories Online
Over 30 behind the paywall stories daily, handpicked by our editors for subscribers


Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share


Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor


Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements


Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app