Investigators question E&Y about its audit of the hospital's cyber systems following the AIIMS cyber attack.

According to a source, security agencies investigating the AIIMS cyber attack have approached E&Y executives to see if they discovered any vulnerabilities in the hospital's system when they audited it a few months ago.



Security agencies have contacted consultancy firm Ernst and Young (E&Y) about the cyber-attack on the All India Institute of Medical Sciences (AIIMS) in Delhi on November 23. The attack has rendered the servers and e-hospital services at the country's premier public healthcare facility inoperable, causing significant disruption to patients.

A government source told The Hindu that AIIMS had engaged E&Y, a third party, to conduct an audit of its cyber-systems in the middle of this year. One law enforcement agency had called E&Y executives last week, to assist in the probe and to examine if the auditors had found any vulnerabilities in the system.

According to the source, investigators believe the attack on the AIIMS servers began about two months ago at the request of State-sponsored actors from a neighbouring country.

Vulnerabilities in known software
"AIIMS servers were running on Zimbra software, which specialises in email services. The vulnerabilities in Zimbra were discovered in February of this year. It remains to be seen what precautions AIIMS took to close the gaps," the source said. Synacor, a software and services company based in the United States, owns Zimbra.

AIIMS director M. Srinivas did not respond to text messages or calls from The Hindu. An E&Y executive also did not respond to a question from The Hindu on the examination of its executives by a government agency. 

The AIIMS said in a statement on November 23 that the National Informatics Centre (NIC) had informed it that its servers were down, possibly due to a ransomware attack.

Following the incident, Delhi Police filed a First Information Report against unknown people under Section 385 of the Indian Penal Code (which refers to putting someone in fear of injury in order to commit extortion) and Section 66/66F of the Information Technology Act, which pertains to cyber terrorism and computer-related offences.

‘Conspiracy’

On December 2, Minister of State for Electronics and IT Rajeev Chandrasekhar stated that the attack on AIIMS Delhi servers was a conspiracy orchestrated by powerful forces.

Though the case was registered by the Delhi Police, a number of government agencies, including the Computer Emergency Response System (CERT-IN), the National Investigation Agency (NIA), and the National Security Council Secretariat (NSCS), are also looking into the incident. The Ministry of Home Affairs (MHA) convened a meeting with all agencies and the AIIMS director on November 29 to discuss the cyber attack.

Previously, a Delhi Police official stated that the AIIMS server was vulnerable to hacking due to a lack of security features.
