Ransomware attack affecting NHS in the UK

The below advice is from the Australian Digital Health Agency.

Health Care Providers; you may have heard about the Ransomware cyber-attacks affecting a large number of international health provider bodies and their access to data held on computer systems recently.

Please be aware that the Australian Digital Health Agency is working closely with State and Federal government entities in regards to these cyber-attacks and whilst the agency understands that Ransomware is an increasingly prevalent threat, with a rising number of variants designed to target our computer networks, we would like to advise you that the agency had undertaken proactive steps prior to this event to ensure our security posture remains resilient to defend against these types of attacks.

Whilst this current attack was stopped in its tracks before it reached Australia Health Care Providers are encouraged to prepare in case any further attacks happen.

Initial steps will be to check with your IT support provider that the usual security precautions are in place as follows:

  • Make sure your security software patches are up to date. This particular virus exploits a vulnerability that Microsoft fixed in this patch.
  • Make sure that you are running proper anti-virus software.
  • Back up your data somewhere else (and store it in a location that is not connected to your main computer system). You can’t be held to ransom if the data is available from another place – this is your best protection from ransomware. Are you assured that your backups are working? A regular restore from backup must be done.

You should not have any computers running Windows XP. However, if you are currently using Windows XP, you should apply the patch Microsoft has released until such time as you are able to update to a newer operating system.

Remind your staff about the risk of clicking links in emails or opening attachments (especially when they’re from an unknown email address). To reduce the risk:

1. First hover on the link with your mouse pointer, and look at where the link is taking you.
2. Take a second to think. Any link or attachment that is not from within your practice or immediate network, or a recognised friend, should not to be clicked. When in doubt, either call or email (in a separate email) your friend or the organisation asking them to confirm that the email is legitimate.
3. Only click if you’re sure it’s safe.

Further information about ransomware in the health sector is available at in the Cyber Security Guidance section of the Australian Digital Health Agency website

The Australian Cyber Security Centre can support you if you need information or advice about the incident on the weekend: 1300Cyber1 (1300 398917) or visit the website.

And finally, the RACGP’s Computer and information security standards are freely available here. They are a collection of best practice advice for protecting your systems.