What Is Ransomware?
The U.S. National Cybersecurity and Communications Integration Center’s (NCCIC) has observed an increase in ransomware attacks around the world. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by visiting an infected website.
Ransomware is the most frequently used form of malware today. It has infected and paralyzed hundreds of thousands of organizations around the world. Ransomware attacks have cost U.S. businesses millions of dollars in losses.
There’s more than one kind of ransomware. Viruses like CryptoLocker, CryptoWall, Locky, WannaCry, Petya, NotPetya, Crypto, Bad Rabbit, Eternal Blue and more are designed to deny access to your data or network until you pay a ransom. A malicious software will lock down your computers files unless you agree to pay at least $300 in bitcoin.
The FBI says that you shouldn’t pay the bitcoin ransom. There’s no guarantee that you’ll recover your files if you pay the ransom.
When your IT system is infected with ransomware, it can be devastating to your dental practice. If you have confidential patient information or other sensitive data stored on your computers or network, it’s at risk. You should take the NCCIC’s warning seriously.
How Does Ransomware Spread?
Ransomware spreads through phishing emails or when employees visit an infected website.
Phishing can trick your employees into clicking on a malicious link or attachment that sends the ransomware virus into their computer.
These emails are designed to appear as though they have been sent from a legitimate organization or known individual. They entice users to click on a link or open an attachment containing malicious code. After the code is run, your computer is infected with malware.
The WannaCry and Petya ransomware viruses spread via a vulnerability in Microsoft’s Server Message Block (SMB) network file-sharing protocol that’s widely used in dentists’ LANs (Local Area Networks). It helps your computers connect so your employees can share files and resources like printers. This function is performed within the firewall; however, it can also work spread outside the firewall if specific ports are open.
If your network and computers are infected with ransomware, recovery can be difficult. It typically requires the services of a data recovery specialist.
How Can You Protect Your Dental Practice From Ransomware?
The best way to protect your dental practice from ransomware is to prevent it from landing on your computers in the first place. NCCIC recommends that you take these precautions to protect users against the threat of ransomware:
How Does A Next-Generation Firewall & Intrusion Prevention System Work?
The right firewall and Intrusion Prevention System (IPS) helps to prevent viruses from getting into your computers. Today’s modern firewalls are built to defend against ransomware.
Your IT company should implement a next-generation firewall with an Intrusion Prevention Systems (IPS). These can keep ransomware threats from getting into your network and stop them from self-propagating and infecting other computers and systems.
An IPS collects the malicious traffic coming into your network and only lets the clean traffic through. It also performs what’s called deep packet inspection of your network traffic to detect exploits and stop them before they reach any of your computers. The IPS monitors for and identifies suspicious activity, logs the data, attempts to block it, and reports it to your IT services company.
This right IPS uses a tactic called sandboxing. It puts malicious programs in a separate place, so they can’t spread throughout your network. Ransomware like WannaCry and Petya spread like worms; they can lurk in files like Microsoft Office documents, a pdf, or updates for applications. Hackers can make these files appear valid and hide the malware. This is why sandboxing is essential for any IPS.
Ask your IT services company to:
Using VLANs allows your computers to communicate through a virtual environment to protect them from any ransomware or other viruses that may be circulating in your network. Extending VLANs or zones into your firewall takes security to the next level.
Do Most Dental Practices Segment LANS & Connect Them To Next-Generation Firewalls?
A next-generation firewall with proper LAN segmentation is the best way to protect your organization from today’s sophisticated and increasing ransomware threats. Unfortunately, many dental practices in the DC Metro Area don’t do this because they aren’t aware that they should.
This is why we’re seeing an increase in ransomware infections. If you don’t connect the VLANs to a next-generation firewall, this leaves a vulnerability in your system because the firewall can’t detect or control the traffic going through it.
Contact NOVA Computer Solutions to learn more about next-generation firewalls, VLANS, and segmenting your network to prevent ransomware infections. In addition, we can train your employees to recognize and avoid phishing and other threats.
Did you find this information helpful? If so, check out the NOVA Blog.