Around 6000 attempts made to hack ICMR server on Nov 30; website safe after attacks prevented
Dec 06, 2022
New Delhi [India], December 6 : Even as e-hospital facility at AIIMS has witnessed a cyber attack, over 6,000 attempts were made to hack the server of the Indian Council of Medical Research (ICMR) on November 30 but these were prevented, official sources said.
The sources said that ICMR website is safe and noted that the firewall is regularly updated. They said hackers IP were traced to a blacklisted IP based in Hong Kong.
"The site is hosted at NIC Data Centre, the firewall is from NIC (National Informatics Centre) and is regularly updated. NIC was informed through email regarding a cyber attack and has reported that the attack was prevented. ICMR has found the website in the order," a source said.
They sources said hackers "tried to hack ICMR website 6000 times on November 30".
"Hackers IP were traced to a blacklisted IP based in Hong Kong.The website, however, couldn't be hacked because of updated firewall and enhanced security measures being adopted," the source said.
Official sources said cyber-attack strategies are constantly evolving and securing cyber infrastructure and data is a dynamic process.
The sources said that ICMR website did not witness any downtime following cyberattack. However, they noted that similar attacks by hackers on ICMR cyberinfrastructure are regular and cyber security infrastructure needs to be strengthened.
"The current news is regarding an attempted attack on the ICMR website that was prevented by the firewall/security measures of NIC. The contents of the website have been checked and found safe. The website did not witness any downtime," the source said.
"However, similar attacks by hackers on ICMR cyberinfrastructure are regular; hence, cyber security infrastructure needs to be updated and strengthened to prevent future damage. There are limited vendors under the Make-In-India category for state-of-the-art cyberinfrastructure such as Network switches, Access Points, Storage etc., accordingly possibilities of other options will also be explored," the source added.
The sources said that Secretary, Department of Health Research (DHR) and Director General ICMR reviewed cyber infrastructure and security practices at ICMR on December 2.
It was briefed that the website of ICMR is hosted in the NIC cloud after a security audit by a CERT-IN empaneled agency.
"The website is protected by NIC firewall and other security measures. ICMR also in-house hosts web and data portals of various programmes of ICMR. The in-house infrastructure is protected by a customized open-source firewall (PFSense). Further, inbound and outbound internet traffic is strictly controlled and regularly monitored for any suspicious activity on all the active interfaces. DHR regularly issues advisories regarding cyber-security practices to all the ICMR institutes and centres," the source said.
Safdarjung hospital had said last week that the hospital was hit by a cyberattack in the middle of November but there was not much impact on services as OPD process is run manually.
"There was a cyber attack , our server was also down in November for a single day but data was secured . The matter was handled by National informatics Centre (NIC) who revived the systems," Medical Superintendent, Safdarjung Hospital, Dr BL Sherwal had said.
"According to my knowledge it wasn't ransomeware," he added. Another official from the hospital said that IP was blocked.
Services at AIIMS New Delhi continue to be conducted manually following a cyber hack in its e-hospital facility on November 23.
AIIMS authorities said that e-hospital services are likely to start middle of this week. Sources said about 4000 computers have been scanned and anti-virus has been uploaded for additional safety.