Cyber Alert: Healthcare organisations targeted by cybersecurity attack

What is happening?

Yesterday several regional hospitals in Gippsland and South-West Victoria were impacted by a cybersecurity attack which blocked access to several systems using ransomware.

Monash Health’s systems were not impacted by this attack and remain secure.

What can I do to prevent a cyber-attack?

The most effective ways to protect yourself and Monash Health are:

Use a complex password or a passphrase

Improved cracking methods mean that we need to use more complex passwords to have confidence in our security. So, when deciding on your passwords, remember that the longer the password, the better.

Passwords should contain characters from at least three of the following four categories:

  • Uppercase characters(A through Z)
  • Lower characters(a through z)
  • Numbers (0 through 9)
  • Non-alphabetic characters(for example, !, $, #, %)

 

In particular, make sure that your password does not include:

  • repeated characters
  • a single dictionary word (four or five combined is ok)
  • your street address or numeric sequences (such as 1234567)
  • personal information
  • anything you have previously used

 

Keep your passwords and passphrases secure

Don’t use the same password across multiple accounts.

Post-It notes are for lunch appointments only! Don’t write passwords down and store them insecurely.

Beware of suspicious emails or phone calls

Cybercriminals commonly use email to deliver malicious software. Some emails carrying malicious software may appear to be a legitimate invoice from a supplier or the government. Always check the sender’s address, ensure the request looks valid, and consider whether the email is expected before responding to them.

Be extra careful with emails that:

  • You are not expecting or that contain unexpected requests such as unscheduled or overseas funds transfer requests from the CEO or CFO.
  • Come from unknown senders or an unusual address.
  • Contain attachments or suspicious links.

 

If you receive an email you believe to be suspicious please delete it immediately. Do not to open any attachments or click on any links contained with emails that look suspicious or come from unknown senders

 

Examples of suspicious emails

 

Example 1

 

Example 2 and 3

Who should I contact if I require additional assistance or if I wish to report a cyber incident?

Please contact the Information Technology Service Desk on 9594 7255 (option 1).



Previous Next
Close
Test Caption
Test Description goes like this
This website is for Monash Health employees. Please be mindful before sharing links.Learn more
+