Cyber Security

Cyber security is a global issue and systems worldwide are being continually targeted to access data and financial assets.  It would appear that no system – personal or corporate – is immune from these attacks.  If you are a small or medium-sized enterprise (SME), the National Cyber Security Centre (NCSC) estimates that there is around a 1 in 2 chance that you will experience a cyber security breach.

CPNI has become aware of incidents within the community pharmacy sector outside Northern Ireland where attempts have been made to interfere with the data held.

Cyber Crime Alerts

• 23 Oct 24 CPNI CU#241023A RE: Cyber Alert: Phishing Activity in Northern Ireland
• 14 Oct 24 CPNI CU#241014A RE: Cyber Security Awareness Month: key messages for contractors
• 09 Sep 24 CPNI CU#240909A RE: FUNDED CYBER ESSENTIALS PROGRAMME – Unique Opportunity for Qualifying Contractors
• 03 May 24 CPNI CU#240503B RE: Cyber Alert: Phishing Attacks
• 04 Dec 23 CPNI CU#231204B RE: Cyber alert: Quishing
• 21 Nov 23 CPNI CU#231121B RE: Cyber Crime Alert – Digital Skimming
• 03 Oct 23 CPNI CU#231003A RE: Cyber Alert: Quishing
• 30 Aug 23 CPNI CU#230830C RE: Cyber Crime Alert: Remote Access Scams
• 03 Jul 23 CPNI CU#230703A RE: Detectives ask NI businesses to be on their guard against phishing scammers
• 20 Jun 23 CPNI CU#230620A RE: Cyber Crime Alert
• 12 Jun 23 CPNI CU#230612A RE: Recent Cyber Attacks
• 02 May 23 CPNI CU#230502B RE: Cyber Alert: Phishing Attacks in Northern Ireland
• 28 Sep 21 CPNI CU#210928A RE: Cyber Crime: Ransomware Attacks: Key Actions
• 05 Jul 21 CPNI CU#210705A RE: Cyber Crime Alert
• 30 Jun 21 CPNI CU#210630C RE: Cyber Crime Alert

Keep up to date with weekly threat reports from NCSC here

Community pharmacies hold a large volume of sensitive personal and financial data and any breach of the security systems protecting this information could be very damaging to the economic stability of the business and the welfare of patients.  It may also leave contractors open to possible punitive action by the Information Commissioner’s Office under DPA and GDPR legislation, with resulting reputational damage to the individual and the profession.

CPNI has been working closely with the cyber security lead from the Police Service of Northern Ireland who has held discussions with a number of contractors here to understand the challenges that contractors face in managing their data. 

There is a range of potentially vulnerable devices within the community pharmacy setting including PMR systems (which may be supported to varying levels by the supplier), and extending to routers, laptops, mobile phones and printers.

The following guidance has been issued by the police detailing five key steps that can be taken to improve cyber security in Community Pharmacy.

The step-by-step packages in the guidance cover the areas detailed below and further information can be accessed by clicking on the topic headline in the guidance:

• Backing up your data
• Protecting your organisation from malware
• Keeping your smartphones (and computer tablets) safe
• Using passwords to protect your data
• Avoiding phishing attacks

Following the relevant advice in the guidance package will significantly increase your protection against the most common types of cyber crime.  The topics covered are easily understood and cost little to implement.  While this guidance cannot guarantee protection from all types of cyber attack, it does demonstrate how simple steps can greatly contribute to the protection of your data, assets, and reputation.

A e-Learning programme is being developed by NICPLD and will be available early next year.

Contractors are reminded that the storage and back up of patient sensitive data and any amendments to your systems should be carried out in line with advice from your PMR system provider and in line with Data Protection legislation.

CPNI Cyber Security Updates

• 23 Oct 24 CPNI CU#241023A RE: Cyber Alert: Phishing Activity in Northern Ireland
• 14 Oct 24 CPNI CU#241014A RE: Cyber Security Awareness Month: key messages for contractors
• 09 Sep 24 CPNI CU#240909A RE: FUNDED CYBER ESSENTIALS PROGRAMME – Unique Opportunity for Qualifying Contractors
• 03 May 24 CPNI CU#240503B RE: Cyber Alert: Phishing Attacks
• 04 Dec 23 CPNI CU#231204B RE: Cyber alert: Quishing
• 21 Nov 23 CPNI CU#231121B RE: Cyber Crime Alert – Digital Skimming
• 03 Oct 23 CPNI CU#231003A RE: Cyber Alert: Quishing
• 30 Aug 23 CPNI CU#230830C RE: Cyber Crime Alert: Remote Access Scams
• 03 Jul 23 CPNI CU#230703A RE: Detectives ask NI businesses to be on their guard against phishing scammers
• 20 Jun 23 CPNI CU#230620A RE: Cyber Crime Alert
• 12 Jun 23 CPNI CU#230612A RE: Recent Cyber Attacks
• 02 May 23 CPNI CU#230502B RE: Cyber Alert: Phishing Attacks in Northern Ireland
• 31 Jan 23 CPNI CU#230131A RE: National Cyber Security Centre: Basic Check Service
• 10 Jan 23 CPNI CU#230110A RE: New Year Resolution: Improve the Cyber Security of Your Business
• 08 Nov 22 CPNI CU#221108A RE: Cyber Security Update
• 04 Apr 22 CPNI CU#220404A RE: Cyber Security: ELearning Programme
• 29 Mar 22 CPNI CU#220329C RE: Cyber Awareness Matters Reminder
• 02 Feb 22 CPNI CU#220202B RE: Cyber Awareness Matters
• 28 Oct 21 CPNI CU#211028A RE: Cyber Security Update: Do You Need to Act Now to Protect Your Security?
• 28 Sep 21 CPNI CU#210928A RE: Cyber Crime: Ransomware Attacks: Key Actions
• 31 Aug 21 CPNI CU#210831A RE: Cyber Security Update: New Tools to Help Pharmacies Protect Themselves
• 03 Aug 21 CPNI CU#210803A RE: Cyber Security Update: Common Vulnerabilities
• 05 Jul 21 CPNI CU#210705A RE: Cyber Crime Alert
• 30 Jun 21 CPNI CU#210630C RE: Cyber Crime Alert
• 30 Jun 21 CPNI CU#210630B RE: Cyber Security Update
• 22 Jun 21 ECHO Session: 29 June 2021 Keep the Date. Cyber Crime – The Northern Ireland Picture: Simple Steps Towards Cyber Security
• 07 Jun 21 CPNI CU#210607A RE: Update on Phishing and Ransom Attacks
• 14 May 21 CPNI CU#210514B RE: Cyber Security Update from the Police Service of Northern Ireland
• 23 Apr 21 CPNI CU#210423E RE: Weekly Summary
• 31 Mar 21 CPNI CU#210331A RE: Cyber Action Plan
• 22 Mar 21 CPNI CU#210322A RE: Protect Your Business, Cyber Security: Microsoft Vulnerabilities Exploitation
• 23 Feb 21 Cyber Security: Protect Your Business
• 12 Jan 21 CPNI CU#210112A RE: Cyber Security – Community Pharmacies Reminder
• 17 Nov 20 CPNI CU#201117B RE: Cyber Security – Community Pharmacies
• 03 Nov 20 CPNI CU#201103B RE: Zoom Video Conferencing Facilities for Pharmacy

Useful Websites