This report offers a high-level summary of the cyber security environment from 1st January to 31st December 2020. This Sector Snapshot is designed to improve awareness about the key cyber security threats in the health sector. It also advises the executives and cyber security professionals within the health sector on what they can do to safeguard their organisation from cyber threats.
The ACSC has published the 2020 Health Sector Snapshot whose main goal is to enhance awareness of key cyber security threats in the health sector, and to advise hospitals, research organisations and others on what they can do to shield themselves from cyber threats.
COVID-19 has completely changed the cyber threat landscape for the health sector.
The healthcare organisations have to lift their cyber defences, including those who are involved in the COVID-19 vaccine research, manufacturing and distribution and ACSC is working closely with them to facilitate them.
The ACSC has assessed that the most significant cybercrime threat to the Australian health sector is currently ransomware.
The best ways to protect you and your organisation from a ransomware attack is to keep the software up to date, use multi-factor authentication, and have current backups stored offline.
The ACSC has released two practical guides on ransomware at the launch of its new cyber security campaign. Both of the guides urge all Australians to be high alert with respect to online threats and encourage businesses, organisations and households to read and act as per the easy-to-follow cyber security advice given on cyber.gov.au.
Since the cybercriminals are adapting their scams to exploit the public’s interest for information on COVID-19, including vaccines, the Australian individuals, businesses and organisations need to be constant alert.
To receive threat alerts and advice to strengthen their cyber defences, health sector organisations are encouraged to apply to join ACSC’s Partnership Program.
If you are in any way impacted by a cyber security incident, you can report it through the ACSC’s ReportCyber. This is managed on behalf of federal, state and territory law enforcement agencies and it provides a single online portal for individuals and businesses to report cybercrime.