ONE OF INDIA’S largest hospitals, the All India Institute of Medical Sciences (AIIMS) in New Delhi, was hit by a ransomware attack in November 2022. The attack cut off access to approximately 1.3 terabytes of data and impacted the hospital’s electronic medical records system. Its patient scheduling and billing systems were also affected, forcing the hospital to curtail its outpatient services for several days. Not only did it inconvenience patients, it also resulted in substantial financial losses for the hospital. After this incident, AIIMS strengthened its network by switching to a dedicated and secure local area network, among other security measures. Six months later, when another malware attack was mounted, it was thwarted.
This isn’t an isolated incident. Such instances are rising across both government and private enterprises. Data from Indian Computer Emergency Response Team (CERT-In) reveals that India Inc. encountered nearly 1.4 million cyberattacks in 2022, and among these, attacks on cloud systems were the highest. “With the adoption of digital technologies, critical infrastructure systems are no longer air-gapped, exposing them to significant cyber vulnerabilities. This shift has become particularly evident due to the increased reliance on digital solutions, virtualisation of government and citizen
