
THIRUVANANTHAPURAM: The massive cyber attack on the servers of the Thiruvananthapuram Regional Cancer Centre (RCC) was the handiwork of Russian cyber criminals, the initial investigation has revealed.
The functioning of several departments, including radiation, was crippled by the ransomware attack that took place on April 28.
Following the incident, the hospital authorities received a ransom demand of $100 million from the hackers.
Sources privy to the probe told TNIE that the initial probe has revealed that the Russian hackers used brute-force attacks to break into the servers of the elite cancer institution.
A brute-force attack is a mode of hacking in which the hacker tries all permutations and combinations to crack the passwords.
Sources revealed that the hackers made use of the glitches in the firewall, a network security device, to gain access to the servers of the RCC. There were glitches in the firewall script, which affected the monitoring of the outbound network traffic too that resulted in data loss. The sources said the hospital’s network security was not up to the mark and that was revealed during the safety auditing conducted by the Computer Emergency Response Team (CERT) and the cyber investigation wing of the state police.
The sources said that due to the glitches in the network, the cyber experts have so far been able to analyse only 25 out of the 140 computers that are networked.
“Analysing the computers has become a big task because of the glitches in the network security,” the sources added.
The functioning of RCC, which is relied upon for cancer treatment by patients even from neighbouring states, was affected by the cyber attack as radiation treatment had to be suspended for several days. The data of about 20 lakh patients was reportedly stolen by the hackers.
Sources said the loss of data will not affect the further treatment of patients as there was data backup.