Time To Review Practice Computer Security?

Time To Review Practice Computer Security?

Cyber criminals bombarded NHS staff with nearly 140,000 malicious emails last year, latest figures show.

Figures released by NHS Digital, the national provider of information, data and IT systems for the health service revealed that doctors, nurses and admin staff reported 27,958 suspected phishing emails targeted at the NHSmail email service.

Many NHS dental practices use the NHSmail service and some NHS Trusts won’t accept patient referrals unless they have been sent via official NHS email.

More worryingly, data obtained under a Freedom of Information request by the think tank Parliament Street, revealed that health workers reported 109,491 suspected spam emails throughout the year. Spam emails are widely acknowledged as being the prime carriers of computer viruses.

In May 2018, NHS dentists were among victims of the worldwide WannaCry ransomware virus which disrupted a third of NHS trusts in the UK.  

The malware encrypted data on infected computers and demanded a ransom roughly equivalent to £230 from victims, who were  effectively locked out of accessing patient records, appointments and treatment plans.  It was only a software update from Microsoft a few days later which stopped the spread of the computer virus, but not before thousands of patient appointments were lost throughout the NHS.

NHS Digital revealed that in June 2020, more than a hundred NHSmail mailboxes had been compromised, and were sending malicious emails to external recipients.

One mixed dental practice in Worcestershire was affected by the 2018 cyberattack and received a demand for money in return for the unlocking of the practice’s computer system.

A dental professional at the practice said “We couldn’t access any patient or treatment data for days, but problems lasted for a few months.”

In a report in 20218, the  National Health Executive revealed that the WannaCry ransomware attack cost the NHS a total of £92m through services lost during the attack and IT costs in the aftermath.

Chris Ross, Senior Vice President ( International) at security experts Barracuda Networks said of the NHS Digital’s 2020 data: “These figures are a reminder that when it comes to stealing confidential data and wreaking havoc, cyber criminals still consider our health service to be fair game. Unfortunately, these scam emails are often incredibly realistic, lulling the victim into a false sense of security to hand over passwords, patient records, and sensitive information by impersonating legitimate brands and even fellow employees.

He added: “With the global pandemic putting a huge strain hardworking doctors, nurses, and clinical staff, it’s absolutely vital that email systems are properly protected from outsider threats, to block malicious emails before they reach the inbox. It is equally important for Trusts to issue the necessary guidance about the risks associated with phishing attacks, so that staff are aware of the techniques associated used and can think twice before handing over important information to suspicious third parties.”



You need to be logged in to leave comments.

Please do not re-register if you have forgotten your details,
follow the links above to recover your password &/or username.
If you cannot access your email account, please contact us.