• United States



Apurva Venkat
Special Correspondent

Ransomware attack forces top Indian medical institute into manual mode

Nov 24, 20223 mins

Hospital management system at AIIMS is down for over 24 hours, affecting admission, discharge, billing, report generation etc.

ransomware attack
Credit: Huawei

The All India Institute of Medical Sciences (AIIMS), New Delhi, one of India’s top medical institutes, has been forced to operate manually due to a ransomware attack on its hospital management system on Wednesday morning, which severely impacted several services.

On Thursday, the hospital issued a fresh set of standard operating procedures for admission, discharge and transfer of patients to be done manually while the systems are down, according to ANI News.

Birth and death certificates will also be made manually on physical forms, as per the instructions of the working committee. The hospital has stated that only urgent samples are to be sent with filled forms and only urgent investigations are to be sent until the systems don’t get back online.

AIIMS is a multi-speciality research university and hospital that is visited by thousands of patients from across the country. It operates autonomously under the Ministry of Health and Family welfare. 

OPD and inpatient services affected 

The hospital administration said in a statement on Wednesday evening that several outpatient and inpatient digital services were affected due to the attack. At the time of writing, the systems remained affected.

“Today the server for the National Informatics Centre’s eHospital being used at AIIMS New Delhi was down due to which outpatient and inpatient digital hospital services including smart lab, billing, report generation, appointment system etc, have been affected. All these services are running on manual mode currently,” the statement said.

AIIMS has already reported the incident to the appropriate law enforcement authorities and the matter is under investigation. “Measures are being taken to restore the digital services and support is being sought from the Indian Computer Emergency Response Team (Cert-In) and National Informatics Centre,” AIIMS said. 

According to patients’ tweets, doctors were not able to generate barcodes to send samples for testing or check patient reports stored digitally.

AIIMS did not clarify if there has been any demand made for a ransom yet. It also did not clarify if the attack impacted AIIMS facilities in other Indian cities. There are eight AIIMS facilities across India. 

Attackers are targeting medical institutions

Medical institutions have increasingly been on the radar of threat actors due to the huge amount of personal patient information they store that can be sold on the dark web. In the first four months of 2022, cyberattacks against the healthcare industry increased by over 95% compared to the same period last year, according to a report by CloudSek. 

Just last month, CommonSpirit Health was hit by a cyberattack due to which the company had to take certain computer systems offline. The Chicago-based company operates 140 hospitals and more than 1,000 care sites across 21 states in the US. Earlier this month, the healthcare company said it is still working on bringing its systems online and restore full functionality. 

Apurva Venkat
Special Correspondent

Apurva Venkat is principal correspondent for the India editions of CIO, CSO, and Computerworld. She has previously worked at ISMG, IDG India, Bangalore Mirror, and Business Standard, where she reported on developments in technology, businesses, startups, fintech, e-commerce, cybersecurity, civic news, and education.

More from this author