October 17th 2022
“After the event, we were shown how easy it was to hack weak passwords with a simple programme. It was done in a matter of seconds.”
As technology advances, so does cyber crime. There are many benefits for care providers to go digital, but as this care service found out, it is crucial that systems are in place to ensure that you do not become vulnerable to cyber criminals.
As part of Cyber Security Awareness month, we spoke to a supported living and home care provider (who wishes to remain anonymous) and heard how they fell victim to a ransomware attack.
An old server that ran employee rosters and contained some client files was breached. For a service that employs over 100 people, this had major implications for client care and delivery. As the care service manager explains:
“The first thing we knew about it was when we tried to log in to our server. We got a notice saying that we needed to pay a Bitcoin ransom in order to access our data. It felt like a great invasion of our organisation, but thankfully we are a strong team and we really pulled together. We had paper records of the staff rosters for the first couple of weeks. Plus we had recent printouts of our clients’ records and plans so we could work from there and rebuild.”
The service briefed the Information Commissioner’s Office, staff, families and people who used their services about the incident and the steps they were taking to manage it. Fortunately, they also had cyber security insurance and found the arrangements to be very helpful and supportive.
It turned out that the cyber criminals had entered the system through a ‘port’ that had originally been set up by a small IT company so that it could support the provider remotely if needed. No one was aware that the password was not robust enough, and they later found that the IT company no longer provided support and no longer existed.
Investigations by the insurers found that no data had been downloaded from the server but, as the service manager explains, the experience demonstrated just how easily the situation could have escalated.
“The key thing we learned was to check our back-ups. We had a plan but the remote back-up wasn’t backing up. The local back-up was plugged in to the server so that was affected by the attack too.”
“Since the attack, we have also completed our Data Security and Protection Toolkit and in doing so have arranged to change passwords on a regular basis; introduced a two-stage authentication to access the server; included cyber security in our business continuity plan; and trained our staff on cyber security awareness. So, the DSPT was a really useful checklist to help us improve.”
Reducing the risk of a cyber attack
- Keep your software up to date to prevent it becoming vulnerable to a cyber-attack.
- Use two-factor authentication as well as strong passwords.
- Install up-to-date anti-virus software.
- Back up your data regularly to ensure you can access it in the event of a breach.
- Protect mobile devices and tablets.
- Train staff on cyber security awareness to prevent human error.
- Check to see if your insurance policy covers a cyber breach.
- Complete the Data Security and Protection Toolkit – an annual assessment of your data security processes.
- Get free support on the DSPT and more from the Better Security, Better Care
What to do if you’ve been the victim of a cyber-attack
- Report the attack to Action Fraud either online or by calling 0300 123 2040
- For advice and support, you can also report this to the National Cyber Security Centre. They also have a list of steps to take after you identify a breach.
- If personal data has been breached, i.e. details about staff or service users, then you will need to report this online to the Information Commissioner’s Office.
- If your care service completes the Data Security and Protection Toolkit, you can report breaches within the Toolkit and it will help you decide if you need to report the cyber-attack to the Information Commissioner.