‘Cyber security’ relates to the protection of data, systems, and networks in cyberspace. It is becoming an increasingly critical issue for all who use or work with the internet.
Ten steps to help improve data and cyber security
PSNC recommends pharmacy teams review the PSNC Briefing: Ten steps to help improve data and cyber security within your pharmacy.
Some IG policies and templates are listed at psnc.org.uk/igtemplates.
NHS Digital have also published security template policies which can be adapted by contractors, relating to topics such as: Anti-malware, Back-ups, Bring Your Own Device (BYOD), Data handling, Mobile device working, and Removable media guidance (e.g. USB sticks).
NHS Digital’s CareCERT will offer advice and guidance to support health and social care organisations to respond effectively and safely to cyber security threats. It plans to do so through a number of programmes:
- CareCERT Assure – concerned with organisations’ cyber security preparedness.
- CareCERT React – provides guidance and advice on data security incidents.
- CareCERT Knowledge – an e-learning service.
CareCERT also work with the National Cyber Security Centre (NCSC). The NCSC provides national guidance.
The standard NHS system settings are determined by the Warranted Environment Specification (WES), which specifies the versions that apply with regard to:
- operating systems (e.g. Windows 7 as a minimum (see pharmacy guidance regarding Windows 7/10 migration); older Windows versions no longer fall within the common settings);
- internet browsers (e.g. Microsoft Internet Explorer 11; older IE versions no longer fall within the common settings);
- Java version (the version of the computer programming language being used, which is intended to let programs run smoothly); and
- Smartcard-related drivers.
NHS Digital cyber and data security work 2020
PSNC is working with NHS Digital on some cyber security matters and to seek pharmacy contractors
NHS Digital’s data security centre and its cyber partner company, Templars Executives, carried out pilot calls and visits to a small number of community pharmacies.
The findings of calls or visits will be anonymised and recommendations will be provided in due course. If you have questions about the work, please contact Daniel.Ah-Thion@psnc.org.uk with ‘Cyber pilots’ in the subject header.
About specific threats
One way to help reduce cyber risks is to be suspicious of unsolicited emails and to be especially cautious of attachments or visiting website links within unsolicited emails.
“Wanna Decryptor” Ransomware
A number of NHS organisations reported to NHS Digital in 2017 that they had been affected by a ransomware attack. This attack was not specifically targeted at the NHS and affected organisations globally across a range of sectors.
Pharmacy teams may be aware of media reports which described how the cyber attack affected some NHS computer systems.
The May 2017 attack is understood to have involved ransomware called Wanna Decryptor, Wanna Cryptor, WanaCrypt0r, WannaCry or WCry. It spread quickly around the world, infecting Microsoft Windows XP, Vista, 7, 8.1 and 10 operating systems and Windows servers.
Once a system is infected, the ransomware may store malicious encrypted files on the infected computer, and request a payment in order to ‘unlock’ the terminal.
About the “Petya” Ransomware
This ransomware attack began to be widely reported from 27th June 2017. NHS Digital tweeted on the 27th June that “There are no known significant cybersecurity threats currently affecting health & the NHS.”
If you believe your system has been impacted by a threat or virus
If you believe a computer has been affected by a major virus threat you should immediately disconnect the network cable/switch off WiFi network access and power the computer down, then contact your IT provider’s helpdesk.
Always consult your IT provider/helpdesk before taking any action that might affect your system.
If a computer on your network becomes infected with ransomware it will begin encrypting local machine files and files on any network device the logged-in user has permission to access. For system administration accounts this may include backup storage locations.
Preventing ransomware attacks
NHS Digital advise that, to avoid computers becoming infected with ransomware and to enable recovery where a computer does get infected, pharmacy contractors should seek to ensure that:
- A programme of education and awareness training is provided to staff to ensure they don’t open email attachments or follow links within unsolicited emails;
- All operating systems, antivirus and other security products are kept up to date;
- All day to day computer activities such as email and internet are performed using non-administrative accounts and that where administrative privileges are assigned, this is at the lowest level which allows the individual user to perform the functions that their role requires;
- All critical data is backed up, and backups must be protected and kept out of the reach of ransomware; and
- Multiple backups should be created on a regular basis, including at least one off-network backup (e.g. to tape).
The only guaranteed way to recover from a ransomware infection is to restore all affected files from their most recent backup.
Contractors should sign up to receive NHS Digital service alerts to their email account and mobile phone.
Read more at:
- Caldicott3: Data security review (NDG 2016)
- News: Cyber security (digitalhealth.net)
- Little Book of Cyber Scams guidance (Met Police)