Online Systems Still Down After Cyber Attack, AIIMS Daily OPD Registrations Fall Substantially

All hospital services, including outpatient and in-patient departments and laboratories, continue to run on manual mode.

New Delhi: There has been a 20% increase in the number of walk-in OPD patients at the All India Institute of Medical Sciences (AIIMS), leading to long queues as the premier government’s hospital’s online appointment system remained shut for the eighth consecutive day on Wednesday following a cyber attack.

Officials said the hospital authorities have deployed additional staff to manage the rush of patients. All hospital services, including outpatient and in-patient departments and laboratories, continue to run on manual mode. An AIIMS administrative worker told The Wire that while on a regular day, there are about 15,000 OPD registrations at the hospital, this is currently down to less 5,000.

Besides the OPD, long queues were witnessed outside diagnostic centres and billing counters at the AIIMS as the hospital authorities along with other agencies struggled to restore the servers.

The AIIMS authorities said Tuesday that the e-Hospital data has been restored on the servers. They said the network is being sanitised before the services can be restored.

The process is taking some time due to the volume of data and the large number of servers/computers. Measures are being taken for cyber security, the AIIMS said in a statement.

For emergency cases, WhatsApp has come to the rescue as doctors used the app to share test reports of patients among departments to ensure quick delivery of treatment. “If done physically, it would take hours if not days given the high volume of patients that the institute is dealing with daily,” a doctor told PTI.

While doctors wrote all reports physically, patients waited for their turn for long hours at various departments.

A 50-year-old Noida resident, Manotosh, who had severe stomach pain, had to wait nearly 12 hours before he could get an appointment. “I stood at the OPD queue early in the morning and could see the doctor only late afternoon. There were several like me who also waited long for an appointment,” Manotosh told PTI.

“Patients who had taken prior appointments and those who are unable to get appointments are just walking in. There is an increase of around 20% in the number of walk-in OPD patients. We have deployed additional doctors from other units of the same department to manage the rush,” AIIMS Medical Superintendent Dr D.K. Sharma said.

Most of the administrative processes related to patient care are being undertaken manually. “We have deployed additional data entry operators from other areas to manage registrations, etc.,” he said.

A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.

PTI reported that said internet services at the hospital are blocked on the recommendations of the investigating agencies.

According to PTI, the NIC e-Hospital at AIIMS is using 24 servers for various hospital modules and four of these servers were infected with ransomware – primary and secondary database servers of e-Hospital, primary application and primary database servers of laboratory information system (LIS).

Later, ransomware was also found in the elastic search virtual servers. However, Scroll.in reports that hospital officials are unwilling to confirm that a ransom has been demanded.

Four new physical servers were arranged, including two from external agencies, for restoring e-Hospital applications. The applications and databases were restored on these four new servers which have been scanned and data is accessible.

Four more servers of NIC applications were scanned. Of these, viruses were found in two servers.

“AIIMS has around 40 physical and 100 virtual servers. Five have shown signs of virus infection. These servers are also being set up for scanning and new servers with updated configurations are being purchased as most servers at AIIMS were end of life/end of support,” one of the sources said.

Antivirus has been manually installed on nearly 2400 computers, the source said.

Several agencies, including CERT-In, Delhi Police, Indian Cyber Crime Coordination Centre, Intelligence Bureau, Central Bureau of Investigation and the National Investigation Agency, are looking into various aspects of the breach in the hospital servers.

(With PTI inputs)