Care homes and home care firms warned to protect themselves after Russian cyber attack

Care providers across the UK are being warned to watch out for Russian cyber attacks and check their security arrangements in response to malicious cyber incidents in and around Ukraine.

The Ukrainian government has accused Russia of being behind a cyber attack that targeted two banks and its defence ministry. The Kremlin has denied it was behind cyber attacks – which involved attempts to overwhelm a website by flooding it with millions of requests.

The National Cyber Security Centre (NCSC) is keeping track of the cyber conflict and has also separately highlighted an increased global threat of ransomware.

Concerning Russian cyber activity in and around Ukraine, the NCSC has said it is unaware of any current threats to UK organisations (w/c 7 February). However, they are stepping up their calls for British organisations to build resilience and stay ahead.

Care homes warned: 'In the cyber world we are all neighbours'

“Malicious cyber incidents in an around the Ukraine may feel like a remote risk for care providers in England – but in the cyber world, we are all neighbours”, warns Michelle Corrigan, programme director of Better Security, Better Care.

“Cyber criminals seek out weaknesses wherever they can find them. Care providers should use the Data Security and Protection Toolkit to assess and improve how they protect their information.

"But it isn’t a one-off exercise. They need to ensure they follow good cyber security practice in order to reduce the risk of falling victim to malicious cyber attacks – or unintended breaches.”

The Data Security and Protection Toolkit is an online self-assessment tool that allows health and care organisations to provide assurance that they are undertaking good data security and that personal information is handled correctly.

Better Security, Better Care is a national support programme aimed at helping care homes and home care agencies to store and share information safely. It covers paper and digital records and focuses on helping care providers to complete the Data Security and Protection Toolkit.

Putin denies involvement in cyber attacks

In relation to cyber attacks against Ukraine, Russia’s President Vladimir Putin has denied any involvement.

Kremlin spokesperson Dmitry Peskov said: “We do not know anything. As expected, Ukraine continues blaming Russia for everything."

The national support programme Better Security, Better Care, helps care providers to evaluate and improve their data and cyber security. It has been confirmed that the programme will continue through 2022/23.

Care providers in the UK are being urged to:

• Keep your Data Security and Protection Toolkit submission up to date. For example, if you have changed your IT systems or developed new services, use the Toolkit to ensure you’ve thought through the implications of any changes.

• Contact your IT leads and suppliers, if you have not done so recently. Make sure they are keeping up to speed with emerging cyber threats, such as the Russia/Ukraine and the Log4J vulnerability, and taking appropriate actions to protect the systems you use.

• Create or update your data and cyber security continuity plan. You can use a template and see guidance by visiting: www.digitalsocialcare.co.uk/resource/creating-and-testing-a-business-continuity-plan-for-data-and-cyber-security.

• Consider purchasing cyber insurance

• Report any cyber incidents. Contact the National Cyber Security Centre via www.ncsc.gov.uk.