JOIN USIndia: Threatened by Cybergeddon?
Delhi’s famed AIIMS of late came under cyberattack. Not that any bomb was dropped like in a war zone. It was all in cyberspace. Patients, who came in large numbers from across the northern states, were unable to book appointments online for days, doctors were not able to access medical files, test results could not be uploaded. People suffered, thanks to a hacking attack which is believed to have originated in China.
The attack on its ‘eHospital’ platform has led to huge disruptions in the premier hospital. The experts say data has been restored on the servers after sanitising the network. However, services have not yet resumed fully, as the process is taking some time due to the volume of data and large number of servers and computers used for the hospital services.
A week after the AIIMS incident, the Indian Council of Medical Research (ICMR) website on November 30 faced 6,000 hacking attempts in 24 hours. On December 4, the Safdarjung Hospital faced a cyberattack, that impacted services for a day.
Cyberattacks on India’s critical infrastructure and sectors like health are increasing day by day, raising questions about how prepared the country is for such offensives.
Also Read | Cyberattacks: India needs to harden its defences
The latest cyberattacks on the AIIMS, Safdarjung Hospital and ICMR point fingers at actors in China.
It is not the health sector alone that is facing cyberattacks. A report earlier this year showed that the Indian petroleum refineries network saw over 3.2 lakh cyberattacks between October 2021 and April this year.
After the 2019 cyberattack on the Kudankulam Nuclear Power Plant, the measures implemented based on the recommendations of the Computer and Information Security Advisory Group (CISAG) and the Indian Computer Emergency Response Team (CERT-In) included physical separation of Intranet and Internet access, secure virtual browsing terminal for dedicated internet use, secure data transfer provisions requiring authentication, independent security review prior to posting of new web applications.
The NIC has asked government organisations and public sector enterprises to keep the firewalls and the security patches of the operating systems updated.
The officials also said that the government was operating an automated cyber threat exchange platform for proactively collecting, analysing and sharing tailored alerts with organisations across sectors. It had also formulated a Cyber Crisis Management Plan for countering hacking attacks for implementation by all agencies of the union and state governments.
While the government talks about its proactive measures on tackling cyber attacks, the attack on the AIIMS servers is undoubtedly a wake up call for the country’s security managers. As those indulging in cyber warfare are updating and upgrading themselves, the question remains if India is matching up to them.