Cyber security
Published on: 27th January 2017 | Updated on: 7th April 2022
‘Cyber security’ relates to the protection of data, systems, and networks in cyberspace. It is becoming an increasingly critical issue for all who use or work with the internet. During the pandemic cyber attacks have increased significantly. The National Cyber Security Centre (NCSC) identified more ransomware attacks in the first four months of 2021 than the whole of 2020. Aside from the financial costs, cyber breaches within the health sector could lead to significant reputational damage for companies involved.
Ten steps to help improve data and cyber security
Community Pharmacy England recommends pharmacy teams review:
- the Community Pharmacy England Briefing: Ten steps to cyber security within your pharmacy; and
- Cyber security tips IT factsheet.
See: cpe.org.uk/dstemplates.
NHS Digital’s CareCERT will offer advice and guidance to support health and social care organisations to respond effectively and safely to cyber security threats. They will plan to do so through a number of programmes:
- CareCERT Assure – interested with organisation’s cyber security preparedness.
- CareCERT React – provides guidance and advice on data security incidents.
- CareCERT Knowledge – e-learning service
CareCERT also work with the National Cyber Security Centre (NCSC). The NCSC provides national guidance.
The standard NHS system settings are determined by the Warranted Environment Specification (WES), which itself specifies which versions apply in regards to:
- operating systems (e.g. Windows 7 minimum (see pharmacy guidance regarding Windows migration), older Windows versions are no longer falling within the common settings);
- internet browsers (e.g. Microsoft Internet Explorer 11, older IE versions are no longer falling within the common settings);
- java version (the version of the computer programming language being used, which is intended to let programs run smoothly); and
- Smartcard-related drivers.
Community Pharmacy England is working with NHS Digital regarding cyber security pharmacy visits conducted.
NHS Digital data security centre and their cyber partner company, Templars Executives, carried out pilot calls and visits to a small number of community pharmacies.
The findings of calls or visits will be anonymised and recommendations will be provided in due course.
Community Pharmacy England previously reported about a widely reported cyber attack and NHS Digital may provide updates on attacks on their website. Community Pharmacy England and NHS Digital may report in future on major cyber risks.
One way to help reduce cyber risks is to be suspicious of unsolicited emails and to be especially cautious of attachments or visiting website links within unsolicited emails. A few case study attacks are set out below:
“Wanna Decryptor” Ransomware”
A number of NHS organisations reported to NHS Digital back in 2017, that they had been affected by a ransomware attack. This attack was not specifically targeted at the NHS and is affecting organisations globally across a range of sectors.
Pharmacy teams may be aware of media reports which described how the cyber attack has been affecting some NHS computer systems.
The attack was understood to involve ransomware called Wanna Decryptor, Wanna Cryptor, WanaCrypt0r, WannaCry or WCry. It spread quickly around the world infecting Microsoft Windows operating systems and servers.
Once a system is infected, the ransomware may store malicious encrypted files on the infected computer, and request a payment in order to ‘unlock’ the terminal.
“Petya” Ransomware
This ransomware attack also began back in June 2017 but did not specifically target health care organisations & the NHS.
If you believe a computer has been affected by a major virus threat you should immediately disconnect the network cable/switch off WiFi network access and power the computer down, then contact your IT provider’s helpdesk.
Always consult your IT provider/helpdesk before taking any action that might affect your system.
If a computer on your network becomes infected with ransomware it will begin encrypting local machine files and files on any network device the logged-in user has permission to access. For system administration accounts this may include backup storage locations.
NHS Digital advise that to avoid computers becoming infected with ransomware and to enable recovery, where a computer does get infected, pharmacy contractors should seek to ensure that:
- A programme of education and awareness training is provided to staff to ensure they don’t open email attachments or follow links within unsolicited emails’
- All operating systems, antivirus and other security products are kept up to date;
- All day to day computer activities such as email and internet are performed using non-administrative accounts and that where administrative privileges are assigned, this is at the lowest level which allows the individual user to perform the functions that their role requires;
- All critical data is backed up, and backups must be protected and kept out of the reach of ransomware; and
- Multiple backups should be created on a regular basis, including at least one off-network backup (e.g. to tape).
The only guaranteed way to recover from a ransomware infection is to restore all affected files from their most recent backup.
Contractors should sign up to receive NHS Digital service alerts to their email account and mobile phone.
Read more at:
If you have queries on this webpage or you require more information please contact it@cpe.org.uk. To share and hear views about digital developments with like-minded pharmacy team members, join the CP Digital email group today.
Return to the Pharmacy IT hub; Data security hub or IT a-z index
For more information on this topic please email comms.team@cpe.org.uk