Hundreds of dentist offices were crippled by a ransomware attack last week. Whether or not this affected you there is something to be learned.
What exactly happened?
Two Wisconsin companies, Percsoft, and the Digital Dental Record, who partner on cloud-based record management and data backup for dentists, were hit with ransomware last week. Their digital infrastructure was connected through a common software with an exploitable vulnerability giving hackers access to their data center.
The ransomware attack not only affected these two companies, but it also halted daily operations for over 400 dentists. They were locked out of patient files and unable to access or take x-rays for days.
How was it resolved? - They paid the ransom.
Who paid the ransom? – THE CLIENTS!
Percsoft and the Digital Dental Record pushed the cost of the ransom back onto their clients, requiring them to pay the ransom to recover the data and restore operations.
Many dentists took to Facebook stating that the decryption either didn’t work or didn’t restore all data.
It is mind-boggling that a company who markets backup solutions to clients did not have a viable backup for this attack.
Subscription applications and cloud-based backup and data management are commonly used across all industries. But they still require oversight. What happened here is a recurring trend in cyber-attacks.
In May, a group attacked the accounting software company Wolters Kluwer affecting accounting firms around the world.
In June, a group breached several yet to be identified companies and used a centralized Antivirus console to infect customer PCs.
A third incident happened in June when hackers breached another company and used its infrastructure to deploy ransomware on the IT network of 22 Texas counties (initially reported as 23).
These companies failed and their clients paid the price.
What Can You Do to Avoid This?
- Have an independent network assessment to make sure your data is protected and backed-up.
- Have more than one backup system and test those systems regularly to make they are still working.
- Work with an IT and Cyber Security specialist to evaluate, design, and manage your total digital infrastructure.
You can’t protect your data if you don’t know where the vulnerabilities exist. Don’t assume everything is working. Make sure it is working and then back it up.