AIIMS Cyber Attack. -A Lesson to be Learned

 AIIMS cyber attack has exposed how secured these critical institutions’ web spaces are.

Its been 8 days and the system has not been restored completely.The experts and the anons of dark web highlighted many vulnerabilities in the system.

Apparently unknown staff member clicked on a link months ago at external unrelated websites (gaming etc) and allowed ransomeware inside system.They encrypted the main servers & other connected networks data for several months. (In simple words data is there but in unreadable locked format & they are having key to unlock it).

Though some media reported attackers have demanded ransom, officials are denying it.Imagine the unprepared system that couldn’t detect the threat all this while. Other connected AIIMS centers are also affected.

Several ministries & agencies like MHA, NIA, IB, CBI, CERT are looped in. Now support from private cyber security firms is also extended.Meanwhile OPD services, lab reports etc are running in manual (offline) mode.

With exponential growth in digitisation, security part can not be left behind. Its like driving @ 150kmph without seat belt & airbags.

Smartphones and internet revolution brought India’s around 80% data traffic on mobile & rest is on desktop. Now with 5G & IoT (internet of things) devices security & so vulnerabilities is critical focus.The point that disturbs is with rapid e-governance projects few govt state&centr websites are not even https. In simple words its bare minimum security that any website should have.Let’s hope that AIIMS incident be the alarming call and related ministries will aggressively make system more secured with awareness for resp staff and competent cyber security specialists to take preventive & predictive measures to deal with cyber attacks.