Ransomware attacks Dentists Offices
An online data backup service called DDS Safe that archives medical records, charts, insurance documents, and other personal information for dentist offices were attacked with an extremely advanced and fairly recent strain known variously as REvil and Sodinokibi.
DDS Safe is offered by Digital Dental Record who uses a cloud management provider called PerCSoft. PerCSoft was hit with the ransomware strain on Monday, Aug. 26th and encrypted the patient information for 400 dental offices.
At this time, roughly 80-100 of the offices have had their information restored after PerCSoft paid an undisclosed amount for the decryption key.
Threats against Healthcare
While government agencies seem to be facing the brunt of ransomware attacks, healthcare is facing roughly 30% of all attacks. According to the HHS, “The presence of ransomware (or any malware) is a security incident under HIPAA that may also result in an impermissible disclosure of PHI in violation of the Privacy Rule, and a breach, depending on the facts and circumstances of the attack.”
How can I protect my practice/business against ransomware?
- Data Backups are a Necessity: It’s important to maintain both cloud and offline backups of PHI or sensitive information. In the event one becomes inaccessible, the other can be restored with minimal downtime.
- Systems Inventory: Have an IT systems audit performed where and systems that are outdated or no longer secure can be isolated.
- Continous Security Education: Perform security awareness training regularly and keep security awareness programs up to date.
- Patch Cycle Program: Use a patch management program where patching is performed at least every 30 days including third-party applications.
- Perform application whitelisting: Application whitelisting ensures systems run authorized applications.
- Endpoint detection and response (EDR): Baseline systems and keep an eye out for any new or rogue processes.
- Secure email gateway: Deploy a secure email gateway solution that removes malicious emails from users’ mailboxes.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
When running a business, information technology (IT) can be complex, time-consuming, and essential. However finding, hiring, and training qualified IT staff members has become more difficult than ever. With long hiring periods due to the specialization of the role,...
Information technology (IT) is a crucial component of any enterprise, as it touches every digital aspect of a company ranging from computer systems to payment processing. Various software tools and know-how are needed to keep IT architecture operational, whether using...
1423 Powhatan St
Alexandria, VA 22314
233 SW 3rd St
Ocala, FL 34471
N Laurel Park Dr Ste 441
Livonia, MI 48152
1924 Baltic Way #114
Ferndale, WA 98248