How to avoid an HSE style cyber attack

New call-to-action

Last week the HSE unfortunately fell victim to a cyber security ransomware attack which has affected all national and local IT Systems, and the HSE email system.

Ransomware is a malicious attack that temporarily blocks a user accessing a system, the hacker will demand a fee to be paid to regain access to the system.

This attack on the HSE similarly echoes the 2017 WannaCry cyber-attack on the NHS.

It’s likely both of these Health organisations became victim to cyber-attacks due to the sensitive information that they have. Hackers know that patient information is sensitive and under no circumstance will Health Officials want it leaked – meaning that it’s more likely these organisations will pay out to a ransom.        

How do hackers get into a system?

As technology advances and becomes more efficient, so do cyber criminals. There has been no official confirmation on how hackers were able to access the HSE systems, but we do know there are numerous ways hackers can enter a system. The most common are:

  • Windows system has not been upgraded. Hackers will rely on outdated software as a potential method of gaining access to a company's security information
  • A VPN is not being used while using an internal network. VPN works by replacing your businesses IP Address with the servers IP address when online, meaning that your personal data cannot be seen online.
  • The company are not using a Firewall. A Firewall creates a barrier between a trusted and untrusted network, potentially blocking malicious sites.
  • Human error. Many cyber scams like phishing rely on human error to work i.e., an employee will open an email that looks legitimate and download content that’s included in the email. The hacker will use this as an entry point to the system

How can I protect my business?

It's essential to ensure that you apply security best practises to minimise your risk of falling victim to ransomware:

  • Enlist the help of a security/IT Specialist
  • Install anti-malware software
  • Using anti-virus, scan your computer to find the ransomware programme
  • Use a cyber security system that includes a Firewall and operates in real-time
  • Filter emails to avoid clicking on a potentially dangerous email or link
  • Limit company access to confidential or sensitive information
  • Use Multi-factor authentication to make your account as secure as possible
  • Create secure backups and test on a regular basis
  • Do not install software or give it administrative privileges unless you are 100% sure it’s legitimate.
  • Ensure everyone in the company is aware of what to do if they think they may have clicked on a potentially malicious site or link
  • Provide mandatory company training to create awareness of cyber hacks and best practices when working online.
Back to Blog

Related Articles

Must-have apps and tools for business owners | Trojan Technology

Owning a business takes a lot of work, but also one of the most exciting things you can do. It...

5 Ways to Automate your business with O365 | Office 365 Donegal

Automating your business first and foremost means that you nullify the need for tasks that are time...

A guide to conferencing hardware

For a lot of businesses, it’s quite normal to underrate the value of both great conferencing...