No matter the size of your practice, cybersecurity incidents can have devastating and long term impacts. Every medical practitioner must be proactive, stay alert and be prepared in the event of a network security or cyber breach.
Below are the three most common types of cyber threats.
Malicious Software (Malware)
Malware is a generic term for malicious software including viruses, spyware, trojans and worms.
It has the power to gain access to important information such as medical records, private information, bank or credit card numbers and passwords. Cyber Criminals who utilise malware can be anywhere in the world.
To protect yourself against Malware, automatically update your operating system as well as your software applications. It is also essential to regularly back up your practice data.
Scam Emails (Phishing)
Pronounced ‘fishing’, they are emails from individuals or organisations you ‘think’ you know. They mimic phrasing, branding and logos to appear ‘real’, before conning users to click on a link or attachment. Here, they defraud users by asking them to provide or confirm their personal information, such as passwords and credit card numbers, or to pay a fake account. They can also send an attachment, designed to look genuine, with malware inside.
Phishing emails are typically sent to thousands of people. Even if only a small percentage of recipients fall for the scam, they can net significant data and sums of money. Phishing scams are not limited to emails. They are increasingly sophisticated and harder to spot and can be found in SMS, Instant Messaging and Social Media.
To protect yourself against Phishing be cautious of:
- Requests for money, especially if urgent or overdue
- Bank account changes
- Requests to check or confirm login details.
First of all, never pay a ransom. Most ransoms that are paid still do not give those attacked access to their computer files and programs. Ransomware attacks are typically carried out via a malicious but legitimate looking email link or attachment. When downloaded or opened, most ransomware encrypts a user’s files, then demands a ransom to restore access – typically payable using cryptocurrency, like Bitcoin.
Ransom is an age-old and effective crime that is now being committed digitally online. Ransomware offers cyber criminals a low-risk, high-reward income. It is easy to develop and distribute. Many small businesses are often less security conscious, are less likely to implement cyber security measures, and spend less on cyber security measures.
Again the best defense is to:
- Regularly update your operating systems
- Update your software
- Backup your business files and data
Tego Protects your Practice
The Tego Insurance team (with experts in medical indemnity insurance Australia and medical malpractice insurance) can help guide medical practitioners and practices with the appropriate insurances to protect your practice and your patients data against cyber threats.
We offer medical indemnity insurance, doctors indemnity insurance, GP medical indemnity insurance, medical practice insurance, medical malpractice insurance and more.
With cyber attacks on the rise, you need to protect not only your patients rights and wellbeing, but also your practice and livelihood. Our experts provide leading cover with more choice, innovation and greater flexibility.
This publication is general in nature and is not comprehensive or constitutes legal or medical advice. You should seek legal, medical or other professional advice before relying on any content, and practice proper clinical decision making with regard to individual circumstances. Persons implementing any recommendations contained in this publication must exercise their own independent skill or judgment or seek appropriate professional advice relevant to their own particular practice. Compliance with any recommendations will not in any way guarantee discharge of the duty of care owed to patients and others coming into contact with the health professional or practice. Tego Insurance Pty Ltd is not responsible to you or anyone else for any loss suffered in connection with the use of this information.