Care Home Management

The Care Home Decision Makers’ Magazine

UK Care Home News

DHSC identifies social care cyber risk

The Department of Health and Social Care (DHSC) has issued urgent warning and advice on a critical cyber risk, CVE-2021-44228, also known as Log4Shell or LogJam.

NHSX asks that all adult social care providers, and all those running or providing digital services in the sector consider the information below and act accordingly.

What is happening?

The threat enables attackers to access IT systems from where they could deploy cyber attacks such as ransomware. It is highly likely that most, if not all, IT and digital systems used by adult social care providers will be affected.

NHSX suggests the following preventative actions:

  1. Check your digital suppliers’ website and follow their advice about mitigating cyber vulnerabilities. In this case, the most important action is to install the latest version as soon as practicable.
  2. If your software suppliers do not have guidance, you may wish to contact them and ensure they are acting accordingly, and scanning for Log4j2 vulnerabilities in particular.
  3. Your Local Support Organisation, through DSC’s Better Security, Better Care Programme, will be on-call to help or escalate issues you have. This may be especially helpful if you do not have IT support.
  4. For technical advice and further details, you may find the following updates and guidance useful: National Cyber Security Centre (NCSC)NHS DigitalMicrosoft.
  5. If there are any indications of a compromise, please report this as soon as possible to the NCSC via https://report.ncsc.gov.uk/.
  6. Follow Digital Social Care on Twitter for sector-specific and relevant updates.

NHSX also strongly encourages you to use this alert to review your continuity plans, run a data back-up, and consider purchasing cyber insurance, if you have not done any of those recently.

Related

The CHM Podcast

The Latest UK Care Home News

Washco

WASHCO are national specialists in commercial laundry equipment, installing, advising and repairing across the UK from regional hubs.