New warnings over software scammers targeting pharmacies
In its latest monthly communique, the Victorian Pharmacy Authority says it “continues to hear reports of pharmacies being targeted by ransomware, a type of malicious software that handicaps computer functionality, for example, through browser hijacking or encrypting personal data, and offers to restore the functionality for a fee, which is a form of extortion”.
The Pharmacy Board of Australia has previously warned pharmacists about the risks and their obligations to maintain health records securely.
The Authority recommends pharmacists and stakeholders visit the Australian Government’s Stay Smart Online website which “provides online safety and security information. The site provides access to a free Alert Service to explain recent online threats and how they can be managed”.
Andrew McManus, general manager operations for Fred IT Group told AJP that “the threat is real and we support the Victorian Pharmacy Authority comments”.
He said Fred IT advised pharmacies to:
- Only browse trusted work related websites
- Don’t click on suspicious emails (some pharmacies go as far as not allowing use of personal email accounts on pharmacy PC’s)
- Ensure you have a up to date anti-virus software (we can provide this)
- Ensure you have an encrypted on and off site back up (we can provide this)
- Clear and relevant procedures to reduce the risk and what to do if you are compromised
In their advice to pharmacists, Fred IT says “viruses, trojans, malware, ransomware are all terms used to describe malicious software designed to disrupt and in some cases hijack your computers”.
- Ransomware is the latest type of malware that can allow hackers to take control of your system, locking you out and in some cases encrypting your data. Usually payments are demanded to return your system to normal (do not pay if you receive one of these). A recent attack on a Queensland medical centre was well publicised through the media.
- Malware like all viruses can come from visiting websites, opening emails and external hardware (USB’s, hard drives, laptops, etc.) accessing your network via cable or wirelessly.
Tomorrow we look at Fred ITs 10 requirements for a secure IT system