A/Chief Digital Health Officer, Dr Jason Brown

In the past six months you may have noticed cyber attacks have been on the rise.  Queensland Health and Metro North are targets for cyber threats with cyber criminals becoming increasingly sophisticated in their attacks.

Phishing and business email compromise, a specialist type of phishing attack, is becoming increasingly prevalent with attacks designed to impersonate senior executives and trick employees into giving away their details.

In January, Metro North Health participated in a two-week phishing simulation pilot exercise run by the eHealth Queensland’s Cyber Security Group Training and Awareness Team.

The simulation was run for 160 Metro North staff, with each staff member receiving two separate phishing emails one week apart.  Almost one-third of the staff clicked on links and/or entered their credentials, which would compromise their Queensland Health account in a real phishing scenario. These results highlight the need for additional training to ensure our staff are aware of what to look out for to identify phishing emails.

It is important staff know what to look out for and stay vigilant to avoid being scammed. To find out more about how to identify phishing or business email compromise threats, visit Metro North’s new cyber security and information privacy and governance site.

If you do receive a phishing email, make sure to report it via Outlook using the Report Phishing button.

If you have any questions regarding cyber security threats, please reach out to the team at CyberSecurity-MetroNorth@health.qld.gov.au.

Jason.