| Recurring |
one_organization, multiple_organization |
(a) The software failure incident happened again at the Indian Council of Medical Research (ICMR) after the cyberattack on the All India Institute of Medical Sciences. There were repeated but ultimately unsuccessful attempts to breach the website of the Indian Council of Medical Research on Nov. 30 [136687].
(b) The incident at the All India Institute of Medical Sciences raised concerns about the vulnerability of India's health system to cyberattacks, indicating a potential issue affecting multiple organizations in the healthcare sector as the government pushes hospitals to digitize their records [136687]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident at the All India Institute of Medical Sciences in New Delhi was due to a cyberattack that crippled its operations for nearly two weeks. The hospital's servers storing laboratory data and patient records were hacked and corrupted, leading to healthcare workers being unable to access patient reports [136687].
(b) The operation of the hospital was impacted by the cyberattack as healthcare workers couldn't access patient reports, resulting in long queues, chaos, and delays in patient care. Patients faced difficulties in booking appointments online, and doctors were unable to access medical histories, affecting the overall functioning of the hospital [136687]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident at the All India Institute of Medical Sciences in New Delhi was primarily due to a cyberattack that originated from within the system itself. The hospital's servers storing laboratory data and patient records were hacked and corrupted, leading to the inability of healthcare workers to access patient reports and causing chaos in patient care [136687]. Additionally, the failure to safeguard the digitized health records within the hospital's system contributed to the disruption in operations [136687].
(b) outside_system: The cyberattack on the hospital's system was not attributed to any specific external entity or source in the articles. The origin and perpetrators of the attack remain unclear, as hospital authorities did not respond to requests for comment [136687]. However, the incident was followed by failed attempts to hack India's top medical research organization, the Indian Council of Medical Research, indicating a broader concern about cybersecurity vulnerabilities in the country's health system [136687]. |
| Nature (Human/Non-human) |
non-human_actions |
(a) The software failure incident at the All India Institute of Medical Sciences was due to a cyberattack, which is a non-human action [136687]. The cyberattack crippled the hospital's operations for nearly two weeks, leading to the hacking and corruption of servers storing laboratory data and patient records. This resulted in healthcare workers being unable to access patient reports, causing chaos and long queues at the hospital [136687].
(b) The incident also highlighted concerns about the vulnerability of India's health system to cyberattacks, especially as the government pushes for digitization of health records. Experts have raised fears that hospitals may not have the expertise to ensure digital security, emphasizing the importance of safeguarding systems against such attacks [136687]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident at the All India Institute of Medical Sciences in New Delhi was primarily due to a cyberattack, which is a contributing factor originating in hardware. The cyberattack crippled the hospital's operations by hacking and corrupting the servers that store laboratory data and patient records [136687].
(b) The software failure incident was also due to contributing factors originating in software. The hospital's digital attack resulted in healthcare workers being unable to access patient reports, appointments not being bookable online, and doctors being unable to access patients' medical history, all of which are software-related issues [136687]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident at the All India Institute of Medical Sciences was malicious in nature, as it was a cyberattack that crippled the hospital's operations for nearly two weeks. The attack on the hospital's servers led to the hacking and corruption of patient records and laboratory data, preventing healthcare workers from accessing crucial information needed for patient care [136687]. Additionally, there were subsequent failed attempts to hack the Indian Council of Medical Research, indicating a coordinated effort to target critical healthcare institutions in India [136687]. The attack on these institutions raised serious concerns about the cybersecurity of the country and highlighted the vulnerability of India's health system to malicious cyber activities [136687]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The software failure incident at the All India Institute of Medical Sciences in New Delhi was primarily due to poor decisions related to cybersecurity. The hospital had digitized its health records without ensuring proper safeguards, making it vulnerable to cyberattacks. Srinivas Kodali, a researcher with the Free Software Movement of India, highlighted the risks of digitizing the healthcare system without adequate security measures, stating that it could "kill an entire hospital" [136687]. Additionally, the incident raised concerns about the cybersecurity of India's health system, with a member of Parliament noting serious questions about the country's cybersecurity [136687]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident at the All India Institute of Medical Sciences in New Delhi was a result of a cyberattack that crippled its operations for nearly two weeks. The hospital's servers storing laboratory data and patient records were hacked and corrupted, leading to healthcare workers being unable to access patient reports [136687].
(b) The cyberattack on the hospital and the subsequent failed attempts to hack India's top medical research organization, the Indian Council of Medical Research, were accidental incidents caused by external malicious actors attempting to breach the systems. The hospital authorities did not respond to requests for comment, indicating that the attack was not intentional or caused by internal incompetence [136687]. |
| Duration |
temporary |
(a) The software failure incident at the All India Institute of Medical Sciences in New Delhi was temporary. It lasted for nearly two weeks before the hospital was able to access its server and recover lost data, allowing online registration of patients to resume [136687]. |
| Behaviour |
crash, omission, other |
(a) crash: The software failure incident at the All India Institute of Medical Sciences in New Delhi resulted in a crash where the hospital's operations were crippled for nearly two weeks. Healthcare workers couldn't access patient reports because the servers storing laboratory data and patient records had been hacked and corrupted, leading to the system not functioning as intended [136687].
(b) omission: The digital attack on the hospital led to instances where appointments couldn't be booked online, and doctors couldn't access patients' medical history, resulting in the system omitting to perform its intended functions at those instances [136687].
(c) timing: There is no specific mention of the software failure incident being related to timing issues in the articles.
(d) value: The incident did not involve the system performing its intended functions incorrectly.
(e) byzantine: The articles do not describe the software failure incident as involving inconsistent responses or interactions.
(f) other: The software failure incident also led to chaos and long queues at the hospital, impacting the overall efficiency and functionality of the healthcare system beyond just the direct digital aspects [136687]. |