The news over the past few days highlights the fact that Cyber crime is imminent, and also very relevant to the healthcare sector. Since Friday 12 May, 150 countries have been affected in one form or another, including over 60 NHS organisations in the UK. Microsoft have issued a warning that this is a wake-up call for companies to take action and protect their valuable data. Are you vulnerable to an attack?
Cyber attack to UK healthcare sector
Ransomware is a type of malicious software, which prevents access to data until a sum of money is paid. In this case, sums of approximately £230 were demanded to return access and analysis by BBC suggests that this could total almost £30,000.
This tactic is used by cyber criminals as a moneymaking machine and recent events show that almost anyone could be the subject of an attack.
The ransomware that affected the NHS in England and Scotland, has been called WannaCry or Wanna Decryptor.
It has so far affected more than 200,000 computers in 150 countries since Friday 12th May, and whilst a second spike hasn’t been reported yet, many systems are not back up and running yet.
In England, 47 NHS trusts reported issues and disruptions in many hospitals and trusts continue, several days later. Also, 13 NHS trusts in Scotland were affected by this attack.
Is your practice vulnerable?
Part of the reason why these Cyber criminals could successfully target the computers of the NHS is reported to be due to out-of-date software and vulnerable systems.
It is vital that you take all measures possible to protect your valuable data and systems.
Consider these questions to ensure you are protected.
- Are you safely managing your valuable data?
- How is your data stored? Do you take back-ups regularly? Do you keep your back-ups off site? Do you restrict passwords and pin codes to senior staff members? Is your data stored in the cloud?
- Do you manage your access rights?
- Have you given different access rights to your team, according to seniority, experience and relevance? Consider who needs access to information like medical records
- Are your staff trained in Cyber security? Reduce your risks by training your staff on the risks of Cyber security
- Ensure your IT systems are up-to-date and with the highest quality of security softwar
- Ensure you run regular updates and back-ups
- Ensure you have adequate IT support by a reputable company
- Do you have insurance against Cyber crime?
Cyber insurance is vital for UK healthcare practices
Even without taking into account the recent NHS security breaches, it is vital to protect your practice data in all ways possible.
The healthcare sector is highly likely to always be a target for cyber criminals, due to the sensitivity of data and the value of patient confidentiality to practice owners.
Cyber criminals know that they can command high ransoms to not leak data so this puts them in a position of power.
Even if your systems are robust, this just reduces the risk, as cyber crime can essentially happen to anyone.
Firstly, take maximum care to protect your data and systems.
Secondly, carefully consider Cyber insurance for peace of mind that should you suffer an attack, compensation will be available to cover payments to patients, legal fees and replacement hardware. Cyber insurance also covers loss of revenue.