Cyber security a real concern for healthcare


WHeN THINK TaNK, paRLIaMeNT STReeT, ReveaLeD THaT THe NHS HaD ReCeIveD NeaRLy 30,000 MaLICIOuS eMaILS IN MaRCH aND apRIL THIS yeaR, pHaRMaCy – LIKe MaNy OTHeR pROFeSSIONS – QuICKLy ReCOgNISeD THe MaJOR THReaT pOSeD By CyBeR aTTaCKS…


e


arlier this year, the World Health Organisation had set the ball rolling when it revealed that


cyber attacks had increased five-fold on the same period last year, but parliament Street’s revelation brought home to everyone how healthcare in particular was under direct threat from cyber hackers.


The revelation was closely followed by the findings of a new report – ‘Cybersecurity: Building Business Resilience’ – by Robert Walters and data provider, vacancysoft, which suggested SMes in the uK are at risk of 65,000 cyber security attacks daily – with around 4,500 of these being successful.


even more worryingly, cyber security experts have warned of malicious cyber campaigns targeting healthcare organisations involved in the COvID-19 response.


The uK’s National Cyber Security Centre (NCSC) has revealed that it has spotted large-scale ‘password-spraying’ campaigns against healthcare and medical research organisations.


16 - pHaRMaCy IN FOCuS


password spraying is the term used when individuals or a group are attempting to access large numbers of accounts using commonly-known passwords.


‘protecting the healthcare sector is the NCSC’s first and foremost priority at this time,’ said paul Chichester, NCSC director of operations, ‘and we’re working closely with the NHS to keep their systems safe.


‘By prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it.


‘But we can’t do this alone, and we recommend healthcare policy makers and researchers take our actionable steps to defend themselves from password spraying campaigns.’


So how do you keep your pharmacy cyber safe in these particularly challenging times? Here are our top tips for protecting your cyber security...


Assess the current state of your protection your first step in protecting your pharmacy against the threat of cyber attack is to carry out a review of the current state of your cyber security. To do this you can utilise self- assessment tools or checklists, or can have an evaluation carried out by a third-party expert. Bring yourself up to date with the process for reverting your pharmacy system to the most recent back-up. This will ensure that, should a system crash occur, you’ll know what to do to act quickly and successfully.


Raise staff awareness Make sure that every member of your pharmacy team is aware of the risks from scam or fake emails. Hold regular training sessions to ensure that everyone is fully up to date with cyber threats and establish cyber security template policies that explain to your staff how to safely use your pharmacy’s systems and devices.


Protect your company with anti-phishing solutions Bring your staff up to date about anti- phishing. ‘phishing’ involves users


falling prey to a phishing attack, which is designed to gain information from your company’s computers. In a phishing attack, users receive an email that appears to come from a legitimate source or a trusted sender. The email asks the user to reveal login credentials, such as usernames or passwords, or sensitive information like bank account numbers. Little wonder then that anti-phishing software has become a critical piece of technology for businesses everywhere.


Spear phishing now takes this technique to a new level. Spear phishing targets individuals and companies with information gathered from social networking sites, enabling the hacker to appear to be a colleague. Because these types of attacks are based on user behaviour, most anti-phishing training is designed to show users how to spot phishing attempts. It’s estimated that more than 90 per cent of successful hacking attacks begin with a phishing email and so the important of anti-phishing training goes without saying.


>


Photo by Markus Spiske on Unsplash


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48