Cyberattack: are you prepared?

Justin Fung LLB, B.S Partner, Head of Commercial & Corporate, Avant Law

Sunday, 20 November 2022

Cyberattack article banner

Imagine receiving a phone call from your IT team or service provider, informing you there’s been unauthorised access of the entire patient record by an unknown party. Unfortunately, this is a situation many practices have faced recently and is a reminder for practice owners to be across their cyber security. The recent Optus and Medibank cyber security incidents are high-profile instances of an increasingly common type of cyberattack using ransomware. This is a type of malware that works by locking up or encrypting files so they can’t be accessed until the victim pays the ransom.

Check your preparedness

When was the practice’s cyber security last assessed? Practices grow and their operations become more complex over the years, which can introduce new areas of risk. Automated activities that should be occurring regularly need to be checked to ensure that they are still performing properly, otherwise important back-ups and file transfers may not be there to use when you need them (including in the context of a cyberattack).

Long gone are the days when patient records have been stored in hard copy format in filing cabinets, as these records have likely migrated to a cloud-based platform hosted by third-party providers. These third-party providers often employ cyber security experts, however, it is good to understand how they are looking after sensitive patient data in the practice. Knowing how your business collects and handles patient data is essential and requires having the right expertise to advise the practice on privacy and IT security matters.

Signs that risks might increase

Turnover among IT staff could affect the way the business’ cyber security systems are audited. This may also affect whether the latest updates to IT platforms are in place.

Are practice employees receiving unusual emails and pop-up messages requesting information? Do they know what to do if they receive a suspicious email? Employees need training and regular reminders on this to avoid complacency, and so they know what to do and how to report potential cyber threats. The majority of cyberattacks start from phishing (email by someone posing as a legitimate institution to obtain sensitive data), which means that every staff member is an essential part of the practice’s first line of defence.

Consequences and costs of an attack

The cost to organisations to rectify the impacts of a ransomware attack can be in the millions of dollars. There are the direct costs of items such as the ransom, people’s time, lost revenue due to downtime, IT and other consultants, hardware and network costs. In addition, there are the indirect costs of damage to the practice’s brand and reputation.

Health sector a prime target

According to a report issued by IBM Security X-Force Threat Intelligence Index, ransomware was the top attack type in 2021 and comprised 21% of all cyberattacks. The health industry was the top sector affected by ransomware, as reported to the Australian Cyber Security Centre1. The health sector is a prime target for cyber criminals due to the following:

  • Services delivered by the health sector are often critical to the community. Where there’s a potential threat to human life, cyber criminals that target health also assume organisations are considerably more likely to pay a ransom.
  • Given the general sentiment of trust communities place in medical professionals, cyber criminals anticipate that health organisations are most inclined to do ‘whatever it takes’ to restore business continuity as quickly as possible.
  • Bigger practices operating cloud-based platforms hold sensitive data of many patients. The increased centralisation of data has made it attractive for criminals to target these bigger practices.
  • As healthcare organisations are focused on delivering care to patients, cyber security can move down the priorities and practices may gradually become more vulnerable to lower levels of cyberattacks.

Manage your risks of a cyberattack

  • Are you running up-to-date end-point security and anti-virus software for all your digital communication and messaging platforms?
  • How often are you backing up all of the patient records and related data?
  • Are you running up-to-date end-point security and anti-virus software for all your digital communication and messaging platforms?
  • Have you implemented anti-phishing campaigns and does your business have systems in place to screen, block and restrict websites which may potentially be malicious?
  • What tools do you have in place to continually monitor for potentially malicious activity across your systems?
  • Are there internal protocols and controls governing who can access certain types of information with different levels of sensitivity?
  • Are your staff (especially those on the frontline) being regularly trained and tested on their ability to identify potential concerns and promptly report unusual activity through to the correct channels?
  • Have you got a business continuity plan which sets out clear processes and procedures to be implemented in the event of a cyberattack?
  • Do you have appropriate reporting and governance structures in place to ensure that key stakeholders are apprised of potential vulnerabilities and relevant regulatory authorities are notified?

Download our Cyber security checklist

Protecting members' data

Avant views member data in the same way doctors and practices view patient data. Protecting your data is a top priority involving people, processes and technologies, including:

  • 24/7 security monitoring of the Avant systems landscape
  • Annual audits to test the effectiveness of the security controls
  • Use of industry leading technologies to create an external defence
  • Regular external and internal cyber testing of systems
  • Annual cyber security compliance training for staff
  • Security management of vendors.

As the cyber landscape is constantly evolving, Avant is always on high alert to secure and protect your data.

We need your help too. If you become suspicious of a message from Avant, contact us on 1800 128 268.

Reference: Australian Signals Directorate & Australian Cyber Security Centre, Ransomware in Australia, October 2020

Share your view

We welcome your feedback on this article.

To Top