Ransomware attacks Dentists Offices

An online data backup service called DDS Safe that archives medical records, charts, insurance documents, and other personal information for dentist offices were attacked with an extremely advanced and fairly recent strain known variously as REvil and Sodinokibi

DDS Safe is offered by Digital Dental Record who uses a cloud management provider called PerCSoft. PerCSoft was hit with the ransomware strain on Monday, Aug. 26th and encrypted the patient information for 400 dental offices. 

At this time, roughly 80-100 of the offices have had their information restored after PerCSoft paid an undisclosed amount for the decryption key. 

Threats against Healthcare

While government agencies seem to be facing the brunt of ransomware attacks, healthcare is facing roughly 30% of all attacks. According to the HHS, “The presence of ransomware (or any malware) is a security incident under HIPAA that may also result in an impermissible disclosure of PHI in violation of the Privacy Rule, and a breach, depending on the facts and circumstances of the attack.”

Layering both Security+ and Compliance+ by ITonDemand helps to mitigate the risk of a ransomware attack. 

How can I protect my practice/business against ransomware?

  • Data Backups are a Necessity: It’s important to maintain both cloud and offline backups of PHI or sensitive information. In the event one becomes inaccessible, the other can be restored with minimal downtime. 
  • Systems Inventory: Have an IT systems audit performed where and systems that are outdated or no longer secure can be isolated.
  • Continous Security Education: Perform security awareness training regularly and keep security awareness programs up to date.
  • Patch Cycle Program: Use a patch management program where patching is performed at least every 30 days including third-party applications.
  • Perform application whitelisting: Application whitelisting ensures systems run authorized applications.
  • Endpoint detection and response (EDR): Baseline systems and keep an eye out for any new or rogue processes.
  • Secure email gateway: Deploy a secure email gateway solution that removes malicious emails from users’ mailboxes.

PHISHING

Download our infographic and learn how to identify a phishing scam when you see one.

Other Articles You Might Be Interested In:

Top 15 Benefits of Managed IT Services

Top 15 Benefits of Managed IT Services

When running a business, information technology (IT) can be complex, time-consuming, and essential. However finding, hiring, and training qualified IT staff members has become more difficult than ever. With long hiring periods due to the specialization of the role,...

read more
Should You Hire an Enterprise IT Architect?

Should You Hire an Enterprise IT Architect?

Information technology (IT) is a crucial component of any enterprise, as it touches every digital aspect of a company ranging from computer systems to payment processing. Various software tools and know-how are needed to keep IT architecture operational, whether using...

read more