“Ransomware incidents have grown over time with attacks across multiple sectors, including commercial and critical infrastructure,” Minister of State for Electronics and Information Technology Rajeev Chandrasekhar wrote in response to a Parliament question on December 21. The question pertained to ransomware attacks on commercial and critical infrastructure and the cyber-attack on the All India Institute of Medical Sciences (AIIMS) in the recent past. The minister’s reply noted that the perpetrators are using modern and sophisticated methods or tactics of attack and have adopted a wide range of attack campaigns. “Ransomware actors exploit known vulnerabilities, compromised credentials of remote access services and phishing campaigns for gaining access into the infrastructure of organisations,” Chandrasekhar added. On AIIMS ransomware attack When asked about the details of the number of patients whose data had been stolen post the cyber-attack on AIIMS, the minister stated that five servers of AIIMS were affected as per the analysis undertaken by stakeholders, on December 21. No further information on the amount of health data being compromised was provided by the minister. “As per preliminary analysis, servers in the information technology network of AIIMS were compromised by unknown threat actors due to improper network segmentation, which caused operational disruption due to non-functionality of critical applications,” the December 21 statement added. An initial investigation carried out by the Indian Computer Emergency Response Team (CERT-In) had found the attack to originate from another country, MediaNama had reported. Why it matters? Government data shows that there has been a rise in the…
