The cyber attack on the AIIMS, Delhi servers is suspected to have originated from locations in China and Hong Kong, official sources said on Wednesday.
Further details have been sought which can be obtained from companies in China and Hong Kong. The Delhi Police has written to the Central Bureau of Investigation (CBI), which will in turn obtain the information through Interpol, they said.
"As of now, the server attack is suspected to have originated from a location in China and a location in Hong Kong," an official source said.
The All India Institute of Medical Sciences, Delhi has around 40 physical and 100 virtual servers. Five have shown signs of virus infection. Data in the five servers is learnt to have been retrieved.
AIIMS Delhi server attack | FIR details that the attack originated from China. Of 100 servers (40 physical & 60 virtual), five physical servers were successfully infiltrated by the hackers. Data in the five servers have been successfully retrieved now: Senior officials from MoHFW
— ANI (@ANI) December 14, 2022
AIIMS, Delhi faced the cyber attack on November 23 which paralysed its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.
The internet services were blocked as per the recommendations of the investigating agencies.
Computer Emergency Response Team (CERT-In), Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, CBI and National Investigation Agency, etc. are investigating the ransomware incident.
With the servers down, the hospital's outpatient and inpatient digital services, including smart lab, billing, report generation and the appointment system, were affected.
Online services resumed partially from Tuesday, a hospital source said.
Deccan Herald is on WhatsApp Channels| Join now for Breaking News & Editor's Picks