Ndzalama Shivambu

Acfee Intern

  • Cyber-criminals like Ransomware

    Ransomware’s a favourite with many cyber-criminals. It’s cheap to produce and can provide big, illegal returns by encrypting users’ data. Decryption comes with a fee, but experts say users should never pay, but fix it by relying on up to date offline back-ups. It offers good returns because it mainly relies on unsuspecting users clicking on illicit links in emails and webpages so malicious ransomware’s downloaded. Acfee’s cyber-security overview eBook reports that  ransomware restricts access to computers, which is reinstated after paying a ransom often in Bitcoin to remove the restriction.. Cyber-criminals know this phishing approach that kidnaps information is  significantly more profitable than stealing  it. WannaCry made headlines  when cybercriminals launched a global cyber-attack. It’s a step up on lucrative conventional ransomware, being extremely predatory, scanning and hunting for networks’ vulnerabilities. It’s not clear if it used phishing, or was more sophisticated and sought vulnerabilities.


    An article in the NewYorkTimes says the cyber-attack affected more than 150 countries and inflicted 200,000 Windows computers.  Hackers mainly targeted hospitals, academic institutions and high profile global companies. Perpetrators used a digital code previously leaked as part of a document dump. A report by News 24 says it explains the virus’s rapid spread

    Healthcare news has an alarming estimate that  72% of malware attacks on healthcare used ransomware. Healthcare is particularly targeted by hackers as they know how crucial data is to daily hospital operations, and the gravely result it might have when leaked or placed in the wrong hands.   Verizon researched this. Its 2017 Data Breach Investigation Report    found  that 602 of 2,000 breaches stemmed from phishing emails. Symantec identified ransomware’s growth. Its report said  the number of ransomware detections increased by 36% during 2016, up from 340,000 in 2015 to 463,000 in 2016.

    Any organisation can fall victim to these attack, so they must impose strict measures to increase cyber-security  and ensure that all employees remain vigilant and alert.

  • Phishing attacks are a challenge for South Africa

    Phishing is one of the most common, dangerous and frequent cyber-attacks that poses serious threats. Phishingbox has an estimate saying that at least one in 1,846 emails is a phishing attack. Emails are not the only source. Cyber-criminals use fake websites and adverts to trap people too.

    In Acfee’s cyber-security overview eBook phishing is when cyber-criminals send apparently legitimate emails or website adverts to entice recipients to respond either by clicking on malicious links that can download ransomware, or by providing sensitive information like passwords, usernames and personal data, that can be used mainly for email fraud. Cyber-criminals are increasingly using invitations to connect to bogus websites to entrap unsuspecting users too.


    This form of cyber-attack is successful because some users are easily fooled by the emails or adverts which appear legitimate. These hoaxes convey a sense of urgency which prompt a respone for security reasons by clicking on a link in the email that directs them to the spoofed website. This type of bogus website is designed  to acquire information and identity theft and encrypt users for a ransom payment.


    An article in ITNewsAfrica says South Africa’s the second most targeted for phishing attacks. In 2013, phishing cost South Africa about US$320 million, about  ZAR4,256,340,017 billion. Since then, spear phishing has become aa common form of phishing. It bypasses most security defences by sending emails that  are significant to users. Anyone can fall victim to this scam. Banking has some tips to avoid phishing:      

    • Keep online IDs, passwords and PINs private and never write them down or share them with anyone
    •  Always log off or sign out at the end of a sessions
    • Never respond to emails that request personal details. Never use links in emails or adverts to access websites,  always use web address provided by their organisations
    • Type web addresses in browsers and ensure sites are secure by looking for the lock icon on browsers before logging on
    • Don’t open emails from unknown sources, even if the email addresses, titles and sender details look legitimate, and delete them immediately
    • Create longer passwords that combine letters, both lowercase and capitals, numbers and symbols that cannot be attributed to you
    • Avoid passwords that are too personal, too simple such as 1234 and don’t duplicate one password for several accounts
    • Ensure up-to-date anti-virus software  and frequently update security patches your operating systems.

    While these are generic, they’re essential for all Africa’s eHealth users. They fit personal use too. They require constant vigilance.

  • Cyber-crime’s rampant rise needs Africa’s health systems to respond

    The growing use of technology and connection to the Internet increases susceptibility cyber-crime. Sub-Saharan Africa’s ranked third highest exposure to cyber-crime globally. South Africa has the highest connectivity relative to other African countries, making it a hotspot for cyber-crime. It’s not too surprising it’s ranked first in Africa

    As South Africa’s eHealth blossoms, cyber-criminals have a growing interest in South Africa . Its health systems are not immune to cyber-attacks. Phishing’s the most common form of attack. It’s when cyber-criminals send an apparently legitimate email to entice recipients to respond by providing sensitive information like passwords to accounts and systems, usernames, personal data and other details that can be used mainly for fraud, but also enable ransomware downloads to extort money. It’s an unsophisticated cyber-attack, often successful and frequently used. Avoiding it needs constant vigilance, awareness and trained users.


    An article in the Cover says breaches in healthcare  outweigh all other industries and services. Its data collection, storage and sharing  of confidential patient information makes healthcare perfect targets for cyber-crimminals. If its leaked, it can potentially result in liability claims and grave reputational damage. As healthcare professionals become more reliant on eHealth and its, EHRs and technology, it opens cyber-security windows wider.


    In South Africa, cyber-crime has an economic impact on the nation. It costs an estimated R5.8 billion a year. It’s mainly attributed to risks of system failures and additional costs of restoring systems once hacked. The consequences includes loss of productivity and revenue. Adressing it needs strict legislation, regulation and policies to  help minimise risks and threats. But they’re not enough.


    Healthcare workers need to be more aware of risks and risky behaviours. This needs training and education on avoiding breaches and phishing attacks. They also need to be vigilent with their equipment and materials and adopt best practices.


    Even this is not enough. In a world increasingly driven by technology, having appropriate, effective and far reaching digital cover is imperative. It’s impossible to eliminate cyber-crime’s risks, so rigorous technological solutions are needed to minimise it.  Health systems and organisations have to implement and sustain the most effective holistic cyber-cover that build in modern techniques such as layering defences. Many cyber-attacks breach perimeter defences but don’t reach organisations’data. These are warning signs that need addressing and stopping. A sigh of relief isn’t cyber-security.

  • Malicious insiders can be a major threat

    It’s important not to disregard the human side of cyber-crime and the threat it poses to healthcare, its EHRs and medical devices. The consequences can be devastating. External cyber-attackers aren’t the only threat. Real criminals can be inside healthcare. This is what happens when people trusted with personal and confidential information abuse trust and misuse their power. They’re known as malicious insiders.

    Employees, former employees, contractors or business partners can all have access to organisations’ networks, systems or data. Disgruntled, they may retaliate by stealing and releasing information that can damage organisations and patients. A global research study by Mimecast reported that an alarming 90% of organisations said malicious insiders pose a major threat.

    Findings from Pretenus Breach Barometer in an  article by Healthcare IT News reveal that the number of healthcare security breaches caused by insiders has doubled from January to February. Findings from 26 incidences reported that:

    1. Malicious insiders contributed to 58% of total breaches
    2. Their attacks are difficult to detect.

    More worrisome findings are:

    1. Only 23% of respondents are confident that their organisations have invested enough in monitoring systems
    2. The top three alleged instigators of malicious insiders threats are; 80% of employees meddling in their relatives or friends, 66% financial identity theft and 51% identity theft
    3. 57% of respondents believe that cyber-attacks are always an inside job
    4.  Attacks are usually for financial gain.  

    This evidence is a major public health concern. If disgruntled healthcare workers have access to personal and confidential patient data, it’s vital that measures are in place to deny them access. To protect patients and healthcare organisations from insider breaches the healthcare sector should invest in strengthening and protecting organisations’ networks, systems and databases especially those storing personal and confidential information.

    Acfee has information for health ICT professionals  on cyber security practices.

  • eThekweni District has an HIV/AIDS app

    HIV/AIDS remains one of the leading causes of death worldwide. Avert has estimated that   more than 7 million people in South Africa live with HIV. About 70% of the total global prevalence lives in sub-Saharan Africa, with South Africa carrying the highest burden of the epidemic in the world in 2015. HIV/AIDS is a major health concern in South Africa, with 380,000 HIV incidences and 180,000 HIV/AIDS fatalities in 2015 as reported by Avert. KwaZulu-Natal tops the chart of the country’s nine provinces with nearly 20% of HIV/AIDS patients. 

    In 2015, eThekweni District in KwaZulu-Natal’ started using mHealth to help improve services for people living with HIV. Access to HIV/AIDS treatments services remains a challenge, with only 48% of adults receiving Antiretroval Treatment (ART) in the country. South Africa, like many other African countries, face many health challenges, patient and community barriers against the smooth delivery of HIV/AIDs treatment and services.

    Health system barriers include a growing shortage of staff due to high turnover, highly congested and poorly coordinated healthcare facilities and a knowledge gap between healthcare providers and their patients. Patient barriers are long distances, transport costs and longer waiting times before receiving primary healthcare or treatment. Lastly, HIV/AIDS related stigma and discrimination remains prevalent in communities.

    Health-e News has a report saying the project includes an app so healthcare providers can track individual performances of caregivers in every ward, while indicating where health services are inefficient. The app enables healthcare providers to login with their own personal username to report on their activities and interventions. Managers can use the app to monitor activities in each ward. The project focuses on HIV patients and has received a twelve-month grant of £96,944 roughly R1 547 086 in 2015.

    Integrating apps like these in healthcare can increase efficiency in the delivery of HIV treatment and services and can build trust between healthcare providers and their patients. It should help improve co-ordination, address staff shortages, allow healthcare providers to monitor and track their patients’ status, and enable managers to improve the functioning of facilities. It could help other districts too.

  • AAMI presents 80001-1 standard cyber-risk management response

    Healthcare professionals are integrating technology with medical devices to improve disease management, reduce medical errors, and to increase communication with their patients. All these valuable benefits are reduced by cyber-risk, some of which become cyber-security breaches. The surge of Internet of Things (IoT) and web-connected medical devices has increased these cyber-security risks and vulnerabilities. An article in Forbes says that hacktivists and cyber-criminals exploit vulnerabilities in systems with poor cyber-threat monitoring, lack of regulations and policies. There’s also a need for reactive and detective controls and defences.  

     As The Association for the Advancement of Medical Instrument  (AAMI) celebrates its 50th anniversary this year, it welcomes its new president and CEO Robert Jensen. AAMI’s developed standard 80001-1:2010 to apply to risk management for ICT networks that incorporate medical devices. The most common cyber-security risks are web application attacks with malware that includes viruses, worms, spyware and ransomware. It’s crucial to provide a cyber-security strategy for total product life-cycles, starting from design and stretching to obsolesce to ensure maximum cyber-security.

    80001-1: 2010 stipulates requirements needed to attain vital safety, effectiveness, data and systems and interoperability. It provides guidelines to suppliers, and it’s their responsibilities to comply when manufacturing, installing and distributing their medical devices for use. The first part in 80001-1 aims to guarantee the safety, security and privacy of both delivery and quality healthcare for patients, and address patient and operators risks.  Some recommendations to improve cyber-security are:

    1. Install benchmarks to test and trail medical devices for any vulnerabilities
    2. Develop programs for routine software updates
    3. Impose strict access and control policies to authorised personnel
    4. Increase cyber-security features in medical devices

    Africa’s health systems can adapt the 80001-1 safety requirements to increase the cyber-security in medical devices. This will help secure eHealth systems and go along way in protecting patient data.

  • Do benchmarks offer better cyber-security for medical devices?

    Our privacy, health and EHRs depend on secure and resilient cyber-security.  An article previously on eHNA asked how safe are hospital devices? It’s clear that the increasing number of medical devices connected to the Internet increases cyber-security risks. They could be life threatening and have fatal consequences, so serious in the extreme.  More healthcare providers are using connected medical devices to monitor and treat patients. It’s therefore imperative that these devices are secure.

    The Center for Internet Security (CIS) is developing a set of benchmarks to protect medical devices, such as insulin pumps, pacemakers and defibrillators, from possible hacking or viral malware. In computing, benchmarking is running computer programs to assess the relative performance of an object by running numerous standard tests and trails against it. An article in MobiHealthNews says CIS has invited medical device makers to participate in the project to help to develop cyber-security control guidelines.

    Protecting insulin infusion pumps is the first priority. The Washington Post has an article saying it’s one of the most used medical devices, so it’s likely to attract more attention from stakeholders and increase collaboration on increasing their cyber-security.

    ABI Research has estimated that by 2020, more than 30 billion medical devices will be connected to the Internet of Things (IoT). Diabetes Mellitus and heart diseases are amongst the leading causes of death in South Africa. Although insulin pumps and pacemakers are not yet popular and easily accessible, demand’s growing rapidly. South Africa and other African countries can adapt the CIS cyber-security control guidelines initiative when manufacturing and using medical devices. The aim must be to ensure their safety.

  • How safe are hospital devices?

    Effective and sustainable eHealth is a longstanding priority for many developed countries in improving healthcare and its information, access and quality. It can be a catalysts between healthcare providers and patients to provide quality healthcare while bridging the gap between inequity and distribution of health resources.

    The rapid growth of eHealth has, however, increased concerns about cyber-security. An article in Computer Business Review (CBR) says there are new emerging threats on hospital’s devices connected to web. While there’s considerable emphasis on protecting patients’ records, there’s insufficient accorded to guarding web connected hospital devices. Hacktivists and other cyber-criminals are finding new ways to penetrate hospitals’ health systems vulnerabilities, and these extend to online EHRs and devices.  

    Internet of Things (IoT), hospital and wearable web connected devices, such as insulin pumps, pacemakers, heart and blood pressure monitors, are susceptible to targeted attacks by hacktivists, terrorists and organised crimes gangs. When healthcare data’s placed in the wrong hands, the consequences could be fatal.

    WHO says  health systems in Africa are investing in eHealth and its mHealth component in their quests for Universal Health Coverage (UHC), accessibility and quality. Despite the expanding programmes, Africa’s eHealth is still nascent, with some healthcare providers and public health agencies still unaware of eHealth’s possibilities in improving health and healthcare quality and access.

    As eHealth becomes more widespread in Africa, hospitals should learn from developed countries about a holistic approach in increasing cyber-security in both patients’ records and hospital devices. Allocating equal distribution of resources to implementing eHealth programmess and services and in increasing cyber-security in both hospital records and devices are key. Acfee has a report on eHealth cyber-security. It’ll be available on Acfee’s website soon, then followed up with supplementary commentaries are more information and insights become available. Acfee members will be notified when it’s available.

  • Check your sexual health at home with Everlywell

    Most Sexually Transmitted Diseases (STDs), sometimes referred to as Sexually Transmitted Infections (STIs), do not reveal their symptoms initially. This covert nature creates a risk of passing the disease on to other people.

    The WHO says there’s a daily global prevalence of more than a million acquired STD. Trichomoniasis, chlamydia, gonorrhea and syphilis are the most common STDs. Globally, they’re responsible for 143 million, 131 million, 78 million, and 5.6 million infections respectively. 

    In 2015, the Centre for Disease Control and Prevention (CDC) reported a record increase of STDs in the age group between 15 and 24 years old. Over 1.5 million chlamydia cases and 400,000 new cases of gonorrhea were reported. These alarming rates propelled Everlywell to add STDs testing to their repertoire to equip young people with a simple, hassle-free way to access tests.

    Everlywell, based in Austin Texas, launched its diagnostic testing kit last September. It offers a digital platform which provides a convenient at-home testing for clients says an article in MobiHealthNews. By avoiding numerous doctors’ appointments and lab results, Everlywell provides online test orders with required samples sent to the nearest certified laboratory for analysis. Here, expert physicians review the results and report them back online after a few days. It’s like Computerised Physician Order Entry (CPOE) with patients replacing physicians.

    The STD diagnostic test kit costs $249. It deals with diseases such as HIV, syphilis, herpes type 2, gonorrhea and chlamydia. In cases of abnormal results, like testing positive for a curable or incurable condition, trained physicians follow-up, provide prescriptions for required medications and, for life changing results, will provide counselling services and guide you through the next steps.

    Young people globally face many barriers when they access or receive reproductive health services and quality STD prevention and management services. This is especially true for many African countries that don’t have the resources to allocate to STD prevention and treatment.  These barriers include, lack of transportation, long waiting times, conflicts between clinic hours and work or school schedules, embarrassment and stigma attached to seeking STD services, and concerns about privacy and confidentiality. Consequently, many would rather suffer in silence than try to seek help. By enabling people to perform STD tests in the comfort of their own homes, Everlywell, bridges these gaps. It encourages and increases STD testing, and provides a frequent, easier, less embarrassing and more convenient way to test, treat and manage STDs. For this initiative to succeed in African countries, the cost and healthcare capacity to care for more patients need addressing.