AIIMS Delhi reported a malfunction in its server on November 23. Nine days since then, India’s top most medical institution has still not come online. All its services are being run on manual mode.
The investigative agencies are trying to establish who was behind the attack and whether it originated from outside the country.
Media reports quoted AIIMS officials who said that the restoration work on the AIIMS database is ongoing and that online services “are likely start from the end of this week in a phased manner.”
Internet services at the hospital have been blocked on the recommendation of investigating agencies.

Why cyberattacks on hospitals are dangerous

Cyberattacks on hospitals can put lives at stake. The disruption of online services has thrown daily operations out of gear at AIIMS – there are long queues at OPDs, billing counters and diagnostic centres as the hospital runs on manual mode.
However, cyberattacks can be life-threatening too causing major disruptions. Previous ransomware attacks in the US have delayed chemotherapy treatments and diverted ambulances. The first “death by ransomware” lawsuit was filed in the US in 2021 when a mother blamed a hacking “for fatal brain damage of her newborn after heart rate monitors failed”, The Guardian reported.
Hospitals have increasingly relied on digitising patient information but they typically operate on a small internet budget. There is not much funding for cyber security. The Covid pandemic has also squeezed hospital budgets. A ransomware attack can not only expose patient information including health history and billing, cause deaths due to failing devices but it also has implications for national security.