Losing all your dental practice data. Being threatened by an extortionist. Having to stop operations while patient records are inaccessible. It can be a nightmarish reality for practices hit with ransomware.
Ransomware is a dangerous cyber threat, with attacks on the rise: “From January to September of 2016, total ransomware attacks against businesses increased by 300 percent when compared to 2015.”i Small-to-midsize businesses (SMBs), which includes many dental practices, are often a prime target. Over 50 percent of SMBs have fallen victim to ransomwareii , and on average, they spend almost $880,000 to fix damages and recover data.iii When you consider possible fines, lost revenue and recovery costs, you can see how one wrong click could potentially shut a practice down completely.
Ransomware is malware that can encrypt your data — patient records, financial and accounting information, payroll and inventory — so they can’t be accessed. The attacker then demands payment for you to regain access to your valuable data.
This is easy money for hackers. They send out a mass email or post a malicious link and wait for someone to take the bait. If just one of your employees clicks on the wrong link on a website or in an email, your practice is the next victim.
Unfortunately, outside experts may be limited in what they can do to resolve these issues. It depends on the severity and circumstances and what preventative measures were put in place by the office prior to the attack. A couple weeks ago, I helped a dental office that had been hit with ransomware. An employee working remotely had been browsing the web and checking email while connected to the office’s server, and it became infected. Because the backup drive was plugged into the server at the office, it got encrypted too. Although they had another backup drive, it hadn’t been used for a while, so the office lost three months of data.
You can take steps to protect yourself. Virus protection software is a great first-line defense. However, it may not stop every virus, including those enabled by users who ignore warnings, and it often can’t identify the newest malware. In 2014, researchers tracked 500+ antivirus software evasion techniques in what was then the latest advanced malware.iv
You need more protection than antivirus software alone. I highly recommend you “insure” your data, similar to insuring yourself against other potential unexpected catastrophes, by using a backup that can restore your files to the point before the system was infected. In the last 90 days, 75 percent of TechCentral clients who were dealing with ransomware required a restore from a backup.
TechCentral Hybrid Backup Services take the hassle out of backups and restoration by regularly and automatically backing up your data to an on-site storage drive, as well as in the cloud using AES 256-bit encryption. Even if your entire system becomes infected and unusable, with a backup, you should be able to restore your data to the point before infection to minimize data loss.
With TechCentral Hybrid Backup Services, when disaster strikes, you don’t have to worry as much about losing precious data, because we’ve got your backup. TechCentral monitoring and backup services are an investment in the safety of your most precious asset, your data. To learn more about how to protect your practice from the effects of ransomware, watch a FREE webinar at www.HSTechCentral.com/webinar or call (855) 310-7265 today.
About the Author
Jamie Lamphere is a Network & Hardware Tech II at Henry Schein TechCentral, where she provides IT support to dental practices and is a trainer for the Network & Hardware and Digital Imaging support groups. Jamie has over a decade of experience in IT, networking and medical fields, and she uses her wealth of knowledge to help practices so they can remain focused on their patients.
iWhite Paper: Keep Ransomware From Scratching at Your Door, WATCHGUARD TECHNOLOGIES, http://www.watchguard.com/wgrd-resource-center/white-paper/keep-ransomware-from-scratching-at-your-door (last visited Apr 6, 2017), p.2.
iiId.
iiiTECH ADVISORY, as quoted in infographic: Ransombear Is on the Hunt, WATCHGUARD TECHNOLOGIES (2017), http://www.watchguard.com/wgrd-resource-center/ransombear/ransomware-infographic.
ivLabs Report at RSA: Evasive Malware's Gone Mainstream, LASTLINE (2015), http://labs.lastline.com/evasive-malware-gone-mainstream.