Dental practices are suffering an epidemic of ransomware attacks that demand thousands of dollars from dentists to decrypt files. Could yours be next?
The American Dental Association is signaling the alarm for dental practices operating without reliable IT support services. Just a few months ago, nearly 100 dental offices suffered a ransomware attack that prevented them from accessing important patient data, such as dental records, appointments, and insurance information. Before this incident, several hundred dental practices using the same IT consulting service experienced a ransomware attack as well.
Why are ransomware hackers targeting so many dental practices lately? IT experts think it’s for one simple reason–because dentists often neglect to hire cybersecurity professionals to ensure their data is protected from sophisticated hackers.
Ransomware is malware infecting data systems mostly through phishing scams. When someone working for a dental practice opens an email attachment containing ransomware coding, the malware immediately starts encrypting files to which the opener of the attachment has access. Instructions are then provided via the ransomware coding that tells the dental practice it must pay an exorbitant fee to regain access to files. If the fee is paid, the hackers may or may not provide the encryption key needed to “unlock” the encrypted files.
Another way ransomware hackers infiltrate dental practices is by targeting IT services managing, and monitoring a practice’s data system. In some cases, ransomware can find its way into access points connecting the IT company to client work stations. Although phishing is the most common way ransomware attacks dental practices, this type of attack is being seen more often due to inferior IT services.
The U.S Department of Health and Human Services considers ransomware attacks on dental and medical practices as HIPAA breaches. The DHHS has established the HIPAA Breach Notification Rule that says “covered entities” must notify the DHHS if protected health information is breached via ransomware or other malware. The Federal Trade Commission has similar guidelines applying to keepers of personal health records as well as any third-party service providers involved.
The FBI recommends refusing to pay any amount the hackers want to decrypt files. Dentists can submit a complaint by using this form–www.ic3.gov–to provide information about transaction data, malware hashtags, Bitcoin wallet addresses, and other information needed for the FBI to find out who is behind the attack.
While dental practices may be tempted to pay the ransom, there is no guarantee the hackers will return encrypted data files. Paying the ransom could encourage additional ransomware attacks from hackers who track successful targets on the dark web.
James Trainor, a former FBI Cyber Division Assistant Director, says, “No specific tool or method can guarantee the protection of your company against ransomware attacks. But remediation planning and contingency are critical to company continuity and recovery. Plans for ransomware attacks need to be constantly tested”.
Using anti-malware software programs to remove ransomware codes will not decrypt files. Attempting to unlock files with decryption tools could result in corrupting or losing data altogether. The best thing a dental practice can do if hit with a ransomware attack is to contact an IT service company with experience in restoring computer systems and returning access to sensitive data files as quickly as possible.
NOVA Computer Solutions offers a variety of proprietary tools and supports services designed to keep dental practices safe and secure from ransomware and other malware attacks. The flat-rate cost for our team of experts to secure company email, backup sensitive data with software that is HIPAA compliant, and maintain computer system equipment means there are no hidden expenses to disrupt monthly budgets. More importantly, dental practices protected by Nova Computer Solutions IT services are no longer under constant threat of a crippling and expensive ransomware attack.
Cybercriminals know which dental practices are vulnerable to ransomware. They could be targeting yours next. Call NOVA Computer Solutions today to learn more about defending your data against hackers.
As a consultant to dental practices, I help my clients maximize what can be done with their technology to maximize production and profit.