Cyber security is fast becoming a key business priority due to increasing risk from online crime

Cyber security comprises technology processes and controls that are designed to protect systems, network and data from online threats. The ‘WannaCry’ ransomware attack in 2017 affected many health trusts across England and Scotland. Following such attacks, cyber security has become an increasing focus for organisations operating in healthcare.

The healthcare industry has been particularly vulnerable to online threats as many legacy systems and devices lack recent updates/patches but are still connected to internal networks. When compromised, many healthcare professionals do not realise that patient records can be breached and sold repeatedly by cybercriminal networks operating on the Dark Web. Confidential information contained within medical records can be used for many different types of identity fraud and phishing attacks. Some can be more common than others.

In the UK, online attacks are mainly carried out using Ransomware.

Ransomware is a subset of malware in which the data on a victim’s computer is locked by an encryption. Payment is then demanded before the ransomed data is decrypted and access returned to the victim. Usually the motives around Ransomware attacks are always monetary. Payment is often demanded in a virtual currency such as bitcoin so the cyber criminal’s identity is hidden.

Meltdown and Spectre

A more recent threat is the “Meltdown and Spectre” CPU bug which affect virtually all computers. An article published by the BBC highlighted the risks of this. “Spectre” gets programs to perform unnecessary operations; this leaks data that should remain confidential. “Meltdown” also takes information but it takes memory used by the computer in a way that would not normally be possible.

Researchers that discovered this bug said the practicality of producing fixes for existing processors were “unknown”. However, individuals that use cloud services are not at risk but companies providing them with the cloud services are working out the implications Meltdown and Spectre have for them.

Cybercrime may well be on the rise, but there are many steps that can be taken to reduce the risk of being open to online attacks.

5 ways to improving your cyber security measures:

1. An effective way to making sure your organisation is protected against all forms of cyber-attacks is to educate employees on the different types of cyber-attacks. This could involve creating a greater awareness of the subject across the business as a whole and training employees to remain suspicious of emails that have links or attachments within them. Phishing attempts are the most common attack and are usually in the form of emails.

2. Carrying out a thorough scan of the internal IT infrastructure and patching up any vulnerabilities that are found in the process. Once determined, the right measures can be taken to ensure the system is as secure as possible.

3. Take the usual computer security steps such as having the latest patches and updates installed that are released by providers.

4. Create strong passwords and change them on a regular basis. Passwords should have numbers and symbols to ensure the highest level of security.

5. Back up data on a regular basis and ensure security updates are installed on the computer as soon as they are released. Having up to date back-ups make it possible to restore files without paying a ransom if you are hit from a cyber-attack.

Here at Cohort Software, security and compliance is key to ensuring we can deliver a fast and reliable service for customers. You can learn more about our business IT and security processes by visiting the Security & Compliance section.