05 July 2019

Q. What are ransomware attacks and how do I protect my practice? What do I do in the event of an attack?

Ransomware attacks are a specific type of internet virus. When they infect your computer system, they corrupt your data files, making them unusable. When you try to open a file, you are led to a release page where the hacker offers to release your files for a fee. The most famous ransomware attack, which swept through the IT world in May 2017, was aptly named 'WannaCry'.

Commonly these files arrive as attachments to bogus emails that look harmless, e.g. an iTunes receipt. They often appear to come from accounts in your address book, so you are more likely to trust them instinctively. When you open the attachment, your system becomes infected. It may not be apparent for a couple of days that you have been infected; during this incubation period the virus can replicate itself and infect more computers on your network before detonating. The ransomware virus 'WannaCry' specifically locked, renamed and password-protected all the Microsoft Office files on affected systems.

Instinctively you may feel the fee is a reasonable price to release your files and get up and running again, but paying the ransom can do much more damage to your system. In doing so, you give the hacker access to your whole computer network, allowing them to encrypt your patients' files, and invariably a higher ransom will then be demanded for their release. The message is simple – don't pay the kidnappers!

It is important to pay attention to your IT security in order to avoid exposing yourself to ransomware risk. If you have a good backup (in house and online), you can identify when and where the virus initially entered the system. If you are unfortunate enough to become infected, rigid security allows you to restore your system from a backup taken before the point of infection and to destroy/wipe the hard drive of the initially infected machine. Data breaches like ransomware attacks have to be reported to the Data Commissioner within 72 hours of infection, or you could face fines under GDPR as well as a review of your system by the Data Commissioner.
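The backup-and-restore reasoning above (work out when and where the infection started, restore from a backup taken before that point, and keep the 72-hour reporting clock in view) as an added Python example; it is not from the ICGP page and not part of any ICGP tool. The encrypted-file suffixes, machine names, file paths, timestamps and snapshot schedule are all constructed for illustration; in a real incident you would feed in whatever your backup software and file server actually report.

```python
"""Incident triage helpers for a practice hit by ransomware.

Added example, not ICGP code. Everything below the imports is built on
constructed data: file paths, machine names, timestamps, snapshot times
and the encrypted-file suffixes are illustrative placeholders.
"""
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Sequence, Tuple

# Constructed placeholder suffixes. Real ransomware families append many
# different markers; replace this with whatever you actually observe.
ENCRYPTED_SUFFIXES = (".locked", ".encrypted", ".crypt")

# Constructed file inventory in the form ("machine/path", last-modified
# time), as a backup agent or file-server audit might export it.
SAMPLE_INVENTORY: List[Tuple[str, str]] = [
    ("reception-pc/letters/referral_0412.docx.locked", "2019-06-03T09:14:00"),
    ("reception-pc/letters/referral_0413.docx.locked", "2019-06-03T09:16:00"),
    ("server/shared/rota_june.xlsx.locked", "2019-06-03T09:47:00"),
    ("server/shared/policies.pdf", "2019-04-12T10:00:00"),
    ("gp-room-1/notes/consult_2019-05-30.docx", "2019-05-30T16:40:00"),
    ("gp-room-1/notes/consult_2019-05-31.docx.locked", "2019-06-03T11:02:00"),
]

# Constructed nightly backup snapshot times (02:00 each night).
SAMPLE_SNAPSHOTS: List[str] = [
    "2019-06-01T02:00:00", "2019-06-02T02:00:00",
    "2019-06-03T02:00:00", "2019-06-04T02:00:00",
]

# Time allowed between becoming aware of a breach and notifying the regulator.
REPORTING_WINDOW = timedelta(hours=72)


def parse_time(value: str) -> datetime:
    return datetime.fromisoformat(value)


def encrypted_files(inventory: Sequence[Tuple[str, str]]) -> List[Tuple[str, datetime]]:
    """Files whose names carry one of the ransomware suffixes."""
    return [(path, parse_time(mtime)) for path, mtime in inventory
            if path.lower().endswith(ENCRYPTED_SUFFIXES)]


def first_touched_per_machine(inventory: Sequence[Tuple[str, str]]) -> Dict[str, datetime]:
    """Earliest encrypted-file time on each machine: the 'where' of the spread."""
    first: Dict[str, datetime] = {}
    for path, when in encrypted_files(inventory):
        machine = path.split("/", 1)[0]
        if machine not in first or when < first[machine]:
            first[machine] = when
    return first


def infection_origin(inventory: Sequence[Tuple[str, str]]) -> Optional[Tuple[str, datetime]]:
    """Machine and time of the very first encrypted file: the best lead for
    which computer opened the attachment, and the earliest moment the
    encryption was visibly running."""
    per_machine = first_touched_per_machine(inventory)
    if not per_machine:
        return None
    machine = min(per_machine, key=per_machine.get)
    return machine, per_machine[machine]


def choose_restore_point(snapshots: Sequence[str], first_encryption: datetime,
                         incubation_margin: timedelta = timedelta(hours=12)) -> Optional[datetime]:
    """Latest snapshot taken at least `incubation_margin` before the first
    visible encryption. The margin matters: the attachment may have been
    opened a day or more before any file was renamed, so the snapshot just
    before the visible damage can already contain the virus."""
    cutoff = first_encryption - incubation_margin
    clean = [t for t in map(parse_time, snapshots) if t <= cutoff]
    return max(clean) if clean else None


def reporting_deadline(aware_at: datetime) -> datetime:
    """When the breach notification is due, counted from when you became aware of it."""
    return aware_at + REPORTING_WINDOW


if __name__ == "__main__":
    origin = infection_origin(SAMPLE_INVENTORY)
    if origin is None:
        print("No encrypted files found in inventory")
    else:
        machine, when = origin
        print(f"First encrypted file seen on {machine} at {when:%Y-%m-%d %H:%M}")
        hits = first_touched_per_machine(SAMPLE_INVENTORY)
        for m, t in sorted(hits.items(), key=lambda kv: kv[1]):
            print(f"  {m}: first hit {t:%Y-%m-%d %H:%M}")
        print(f"Restore from snapshot: {choose_restore_point(SAMPLE_SNAPSHOTS, when)}")
        print(f"Report the breach by: {reporting_deadline(when):%Y-%m-%d %H:%M}")
```

With the constructed data the script points at the reception PC as the origin, lists the server and consulting room as later casualties, and picks the 2 June snapshot rather than the 3 June one, because the 12-hour incubation margin discounts a backup taken only a few hours before the first visible encryption.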

If you haven't yet considered this risk, it is worth the time and effort to take all the steps needed to minimise the risk of an attack on your business. The consequences of a ransomware attack can be catastrophic.

The first thing to do is to stop all email in the practice other than Healthmail. This must include all practice staff, doctors, trainees and yourself. Have one account outside the practice, such as Gmail. This should only be opened by one person, ideally the practice manager, and should only be used for practice affairs, not for booking holidays or shopping online. If an unexpected email comes into the account, phone the sender to confirm its legitimacy before opening it.

Make sure you have good antivirus software installed and ensure Microsoft software updates are running on all computers. Consider investing in online backup and data recovery, as it will prove to be money well spent in the event of an attack. For further information, see section five of the 'Processing of Patient Personal Data' page on the ICGP website.