What is happening?
Yesterday several regional hospitals in Gippsland and South-West Victoria were impacted by a cybersecurity attack which blocked access to several systems using ransomware.
Monash Health’s systems were not impacted by this attack and remain secure.
What can I do to prevent a cyber-attack?
The most effective ways to protect yourself and Monash Health are:
Use a complex password or a passphrase
Improved cracking methods mean that we need to use more complex passwords to have confidence in our security. So, when deciding on your passwords, remember that the longer the password, the better.
Passwords should contain characters from at least three of the following four categories:
- Uppercase characters(A through Z)
- Lower characters(a through z)
- Numbers (0 through 9)
- Non-alphabetic characters(for example, !, $, #, %)
In particular, make sure that your password does not include:
- repeated characters
- a single dictionary word (four or five combined is ok)
- your street address or numeric sequences (such as 1234567)
- personal information
- anything you have previously used
Keep your passwords and passphrases secure
Don’t use the same password across multiple accounts.
Post-It notes are for lunch appointments only! Don’t write passwords down and store them insecurely.
Beware of suspicious emails or phone calls
Cybercriminals commonly use email to deliver malicious software. Some emails carrying malicious software may appear to be a legitimate invoice from a supplier or the government. Always check the sender’s address, ensure the request looks valid, and consider whether the email is expected before responding to them.
Be extra careful with emails that:
- You are not expecting or that contain unexpected requests such as unscheduled or overseas funds transfer requests from the CEO or CFO.
- Come from unknown senders or an unusual address.
- Contain attachments or suspicious links.
If you receive an email you believe to be suspicious please delete it immediately. Do not to open any attachments or click on any links contained with emails that look suspicious or come from unknown senders
Examples of suspicious emails
Example 2 and 3
Who should I contact if I require additional assistance or if I wish to report a cyber incident?
Please contact the Information Technology Service Desk on 9594 7255 (option 1).