Vic Health tackles infosec after pathology malware infection

By
Follow google news

Sets up working group to push new controls statewide.

Victoria’s Health department has shortlisted 72 cyber security controls for the state’s health services to implement following a malware infection at Melbourne Health last year.

Vic Health tackles infosec after pathology malware infection

The state’s auditor-general Andrew Greaves today revealed the department had directed all health services “to complete a cyber health check baseline assessment” last May after Melbourne Health fell victim to a malware infection that downed its pathology systems.

It spent weeks grappling with mutations of the Qbot malware, and had to fast-track an operating system upgrade project to recover.

The state-wide cyber health check baseline assessment conducted in the wake of the infection “found that health services are at varying levels of maturity, and all health services need to work to achieve minimum cyber security standards”, Greaves said.

“After the assessment, the department prepared a set of cyber security minimum baseline requirements, comprising 72 cyber security controls,” he said.

“A working group of representatives from the health services and the department has been set up to plan how the health sector will attain the maturity required to protect the quality and safety of clinical care from cyber breaches.”

Greaves said there were a range of risks around cyber security across the state’s health operations, and they were exacerbated by system interdependencies.

He said patients could be put at risk if systems across a range of health disciplines were left unavailable due to a security breach.

However, Greaves said he “commended” the Health department for its actions following the Melbourne Health malware infection, and said his office would consider a future audit to determine the efficacy of implementation of the baseline security controls.

Add iTnews as your trusted source

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Bendigo Bank aims to have Australia's "first agentic SOC"

Bendigo Bank aims to have Australia's "first agentic SOC"

ASD to retire Essential Eight cyber security framework within next two years

ASD to retire Essential Eight cyber security framework within next two years

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

Microsoft device telemetry key to unmasking alleged Scattered Spider hacker

Microsoft device telemetry key to unmasking alleged Scattered Spider hacker

Log In

  |  Forgot your password?