Protecting Your Dental Practice Against a Ransomware Attack
Approximately 400 dental practices across the United States recently made one of the worst possible discoveries – they learned of a crippling ransomware attack that left them without access to patient charts, x-rays, or their practice’s schedule and payment ledger. As a result, they were unable to treat any patients until the matter could be resolved.
It was every dentist’s worst nightmare.
If you haven’t already been educated about the severe threat of ransomware and established a disaster recovery plan, this high-profile attack should serve as a cautionary tale and prompt you to take action right away.
What is Ransomware and How Sophisticated is It?
So, what exactly is ransomware? Ransomware is a type of malware that encrypts your computer files and has become a growing threat to individuals and businesses across the world.
After the attacker locks and encrypts your computer data, they demand you pay a ransom in order to restore access. But paying the ransom doesn’t always ensure your access will be restored!
This is one of the worst-case scenarios when it comes to a cyber attack, as your personal files are being held hostage, preventing you from accessing important documents, photos, and financial information. And while these files remain on your computer, because they are encrypted they will be completely unreadable, leaving you powerless.
Ransomware spreads through phishing emails, remote desktop protocols, drive-by downloads and USB drives. It most often targets businesses in the services industry.
Types of Ransomware
Ransomware comes in many forms, some much more harmful than others. The one thing they all share is that they encrypt your files and demand a ransom.
Here are some examples of the most common forms of ransomware.
Cerber is a fairly new, yet incredibly damaging type of ransomware developed within the past two years that has already affected millions of people. Cerber ransomware targets cloud-based Office 365 users through an elaborate phishing campaign. What makes it so harmful is that the decryptor is compatible with 12 different languages.
Locky ransomware is spread through spam, usually in the form of an email that appears to be an invoice. When the email is opened, you are instructed to enable macros in order to read it, which allows the ransomware to start encrypting your files. You will then be asked to pay a ransom in order to regain access.
CryLocker will personalize your ransom message using data stored within your computer, such as your name, birthday, and location. This personalized message aims to pressure the victims into paying up. CryLocker will also lock you out of your computer, and demand the ransom be paid within 24 hours.
Jigsaw is one of the most harmful forms of ransomware, as it will begin deleting your computer files one by one until the ransom is paid. One or more files will be deleted every hour for 72 hours. After the 72 hours are up, if the ransom is unpaid, the remainder of your files will be deleted.
Sodinokibi is another newer, yet advanced form of ransomware that is considered ransomware-as-a-service. This type of ransomware demands the victim pay $2,500 to regain access to their files and threatens to double the ransom if not paid within four days.
Also known as leakware, doxware threatens to publish online the personal information found on your computer unless you pay the ransom.
Scareware is fake software that claims to have discovered issues on your computer and demands money in exchange for resolving the problem. Scareware can sometimes lock your computer or flood your screen with alert messages and pop-ups.
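The Locky delivery described above depends on the recipient enabling macros in an emailed "invoice", so a mail filter can flag such attachments before anyone opens them. The following Python sketch is an added example, not part of the original article; the function names, the block/review/allow verdicts and the sample files are assumptions constructed for illustration.

```python
import io
import os
import zipfile

MACRO_EXTS = {".docm", ".dotm", ".xlsm", ".xltm", ".pptm"}  # macro-enabled OOXML
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container


def macro_verdict(filename, data):
    """Classify one e-mail attachment as 'block', 'review' or 'allow'."""
    ext = os.path.splitext(filename)[1].lower()
    if data.startswith(b"PK"):
        # Modern Office files are ZIP archives; VBA code lives in vbaProject.bin.
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "review"  # looks like a ZIP but cannot be parsed
        if any(n.endswith("vbaproject.bin") for n in names):
            return "block"  # macro present, whatever the extension claims
        return "review" if ext in MACRO_EXTS else "allow"
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats can carry macros; this sketch does not parse them.
        return "review"
    return "review" if ext in MACRO_EXTS else "allow"


def make_ooxml(with_macro):
    """Build a constructed, minimal OOXML-like archive in memory (sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample attachments; the file names are illustrative only.
    samples = [
        ("invoice.docx", make_ooxml(True)),
        ("invoice-clean.docx", make_ooxml(False)),
        ("invoice.doc", OLE_MAGIC + b"\x00" * 64),
    ]
    for name, blob in samples:
        print(name, "->", macro_verdict(name, blob))
```
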
How Ransomware Can Affect Your Dental Practice
If your practice is infected, ransomware can cause serious consequences, including:
- Temporary or permanent loss of patient information
- Disruption of day-to-day operations
- Financial losses
- Harm to your organization’s reputation
How Did 400 Dental Offices Fall Victim to A Ransomware Attack?
The high-profile ransomware attack that struck hundreds of dental offices in the US around the end of August was of the Sodinokibi variety and targeted the Digital Dental Record, an IT software provider servicing dental practices. The ransomware specifically targeted a “cloud remote management” system related to the product.
It’s been reported (but unconfirmed) that the dental offices were able to regain access to their files as the Digital Dental Record made the decision to pay the ransom. However, it’s unknown if any sensitive patient data was stolen during the attack.
How to Prevent a Ransomware Attack
As a successful dental practice, the last thing your business needs is to have your data compromised by a ransomware attack.
Following these tips can help to prevent a damaging attack:
- Make sure all computer systems and software are updated regularly
- Be diligent when checking for phishing emails
- Don’t click on any unfamiliar links or emails that give you a bad feeling
But at the end of the day, no one is safe from ransomware. Sometimes, there is little you can do to prevent it, so your best course of action is to ensure your business is protected in the event of a ransomware attack.
This is where a business continuity or disaster recovery plan comes in.
If you haven’t already, incorporating ransomware defences and reliable backup systems into your disaster recovery plan can help keep your business protected in the event of a ransomware attack – and it may also reduce your insurance premiums!
Frequent off-site backups should also be carried out in order to protect your patient and business data and reduce potential downtime after being victimized by ransomware.
IDS Systems offers reliable solutions that allow you to consistently back up your data to minimize damage in the event of an attack. IDS DataGuard™ can also help your organization limit data loss to as little as 30 minutes.
For any assistance with ransomware protection and other security solutions for your dental practice, contact the experts at IDS Systems today.