Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Cyber Response Framework. Show all posts

AIIMS Ransomware Attack Leads to a New Cyber Response Framework


On November 23, 2022, the All India Institute of Medical Science, Delhi (AIIMS), suffered a cyber attack  that was labeled by police as “cyber terrorism.” As a result of the cyberattack, offline patient services like appointment booking, billing, and diagnostic reporting of the country’s principal government hospital were halted. 

Since the attack targeted the hospital’s primary and backup servers, patients and the workforce were left with no access to records or test reports for a brief time. In response to the ransomware attack on AIIMS, the government was prompted to create a cyber response mechanism, according to former cybersecurity chief Lt Gen Rajesh Pant.

National Cybersecurity Response Framework

The ransomware attack impelled the government into establishing a national cybersecurity response framework (NCRF). According to Pant, the attack has shone a spotlight on the need to protect “critical infrastructure.” “It was realized that critical sectors need to have a uniform framework to respond to cybersecurity[…]So, the NCRF was conceptualised. It will be put in the public domain for critical infrastructure, such as those in the power and health sectors to implement,” said Pant.

The framework, according to the former NCRF chief, establishes dependable businesses and supply chain procedures and outlines the design of a cyber defense system.

While the National Informatics Centre and Computer Emergency Response Team (CERT-In) teams began working on an investigation into the incident, the Intelligence Fusion and Strategic Operations (IFSO) cell of the Delhi Police filed an FIR against unidentified individuals alleging violations of the cyber terrorism act.

As per Pant, the AIIMS attacks presented certain loopholes in the present cyber defenses, serving as a lesson to be better prepared with critical information infrastructure and address vulnerabilities. “The manner in which the network was architected, was not done by professionals but by a team of doctors. There were too many loopholes in the network, and it was easy to get into the network[…]A lot of lessons have come out from the incident from a government point of view, and these will, hopefully be implemented,” he said. Moreover, he noted that this framework would address some significant gaps in the response mechanisms. “There is a need for standard operating procedures to handle such incidents to that steps for mitigation are taken with immediate effect.”

Adding to this, he addressed a need for inter-ministerial cooperation and the setting up of a nodal ministry to address cybersecurity threats since cybersecurity is constantly evolving. “According to the business allocation rules, no ministry is solely dedicated to addressing such incidents. The concept of peace has changed today, there is no peace in cyberspace,” he added.