Around 6000 Attempts Made To Hack ICMR On Nov 30
Even as e-hospital facility at AIIMS has witnessed a cyber attack, over 6,000 attempts were made to hack the server of the Indian Council of Medical Research (ICMR) on November 30 but these were prevented, official sources said.
The sources said that the ICMR website is safe and noted that the firewall is regularly updated. They said hackers’ IPs were traced to a blacklisted IP based in Hong Kong.
“The site is hosted at NIC Data Centre, the firewall is from NIC (National Informatics Centre) and is regularly updated. NIC was informed through email regarding a cyber attack and has reported that the attack was prevented. ICMR has found the website in the order,” a source said.
The sources said hackers “tried to hack ICMR website 6000 times on November 30”.
“Hackers’ IPs were traced to a blacklisted IP based in Hong Kong. The website, however, couldn’t be hacked because of updated firewall and enhanced security measures being adopted,” the source said.
Official sources said cyber-attack strategies are constantly evolving and securing cyberinfrastructure and data is a dynamic process.
The sources said that the ICMR website did not witness any downtime following the cyberattack. However, they noted that similar attacks by hackers on ICMR cyberinfrastructure are regular and cyber security infrastructure needs to be strengthened.
“The current news is regarding an attempted attack on the ICMR website that was prevented by the firewall/security measures of NIC. The contents of the website have been checked and found safe. The website did not witness any downtime,” the source said.
“However, similar attacks by hackers on ICMR cyberinfrastructure are regular; hence, cyber security infrastructure needs to be updated and strengthened to prevent future damage. There are limited vendors under the Make-In-India category for state-of-the-art cyberinfrastructure such as Network switches, Access Points, Storage, etc., accordingly possibilities of other options will also be explored,” the source added.
The sources said that the Secretary of, the Department of Health Research (DHR) and the Director General of ICMR reviewed cyber infrastructure and security practices at ICMR on December 2.
It was briefed that the website of ICMR is hosted in the NIC cloud after a security audit by a CERT-IN empaneled agency.
“The website is protected by NIC firewall and other security measures. ICMR also in-house hosts web and data portals of various programmes of ICMR. The in-house infrastructure is protected by a customized open-source firewall (PFSense). Further, inbound and outbound internet traffic is strictly controlled and regularly monitored for any suspicious activity on all the active interfaces. DHR regularly issues advisories regarding cyber-security practices to all the ICMR institutes and centres,” the source said.
Safdarjung hospital had said last week that the hospital was hit by a cyberattack in the middle of November but there was not much impact on services as the OPD process is run manually.
“There was a cyber attack, our server was also down in November for a single day but data was secured. The matter was handled by the National informatics Centre (NIC) to revive the systems,” Medical Superintendent, Safdarjung Hospital, Dr. BL Sherwal had said.
“According to my knowledge it wasn’t ransomware,” he added. Another official from the hospital said that IP was blocked.
Services at AIIMS New Delhi continue to be conducted manually following a cyber hack in its e-hospital facility on November 23.
AIIMS authorities said that e-hospital services are likely to start middle of this week. Sources said about 4000 computers have been scanned and anti-virus has been uploaded for additional safety. (ANI)
Read More: http://188.8.131.52/