Skip to main content

Examples of cyber security threats

As part of our Keep I.T Confidential cyber security campaign, we've highlighted some examples of different cyber security threats that we all need to be aware of. Find out about weak passwords, phishing, tailgating, unlocked screens and social engineering.

Weak passwords

Weak passwords risk breaches in patient confidentiality. The easiest way to protect yourself from cyber threats is by having a strong and varied password. Passwords are the best form of defence we have to prevent unauthorised access, so make sure you keep them private and out of sight of others.

The longer and more complex your password, the more difficult it is to crack.

The National Cyber Security Centre have published guidance about how we should approach passwords.

Image of open laptop

Phishing

Phishing is when hackers and criminals send unsolicited emails that contain attachments or links to try and trick people into providing access to information such as patient data, health care records or details of IT systems.

If an email looks untrustworthy, forward it to spamreports@nhs.net and delete it.

Tailgating

Tailgating is when unauthorised people gain entry to a building by following a staff member through physical security facilities (doors, barriers, gates, etc.) to avoid detection. By letting people follow you, or swiping unauthorised people in, you could risk someone stealing patient data.

Don’t let unauthorised people follow you into restricted areas.

Unlocked screens

Unlocked screens are an open invitation to patient data theft. Locking screens and logging out of systems help prevent people from accessing sensitive or confidential information.

Keep your screens and devices locked with they’re not in use.

Image of an unlocked laptop

Social engineering

Social engineering involves criminals using tricks or deception to manipulate people into giving access to information such as patient data, health care records or details of IT systems. A social engineer might call and pretend to be a fellow employee, ask you to hold the door for them, or pose as a "friend" on social media channels.

Challenge everyone who is unauthorised before giving out information or giving them access to secure areas.

Last edited: 30 September 2019 1:31 pm