Carestream Dental & Ransomware

You may have seen news stories about ransomware holding people’s data to ransom, but are you aware of how it could affect you and your practice? Unfortunately, cases such as the one below are an all too familiar sight to IT professionals:

https://www.bbc.co.uk/news/technology-56933733.amp

Until earlier this year, the use of ransomware by hackers appeared to be in decline. However, with many businesses adding working-from-home elements to their daily operations, attackers are renewing their interest in this form of malware. As a result, the number of incidents has risen significantly in the last few months.

Here at Carestream Dental we have had several customers contact us following ransomware attacks during this time. These attacks happened to customers who were unaware of the best practice to prevent this kind of breach, and they sought our help and advice in re-establishing their practices following these events.

Sadly, these kinds of attack can have a devastating effect on dental practices. If you haven’t kept your software up to date, don’t have suitable antivirus, or don’t have up-to-date offsite external back-ups, you can lose ALL of your patient data.

We want to do all we can for our customers to ensure that you are aware of the risks of ransomware moving forward. Below are some facts and information that we hope will help you prepare and defend against this type of cyber-attack. 

What is Ransomware?

Ransomware is a type of malware that is added to your system to encrypt your files and folders. Effectively, this means that certain folders or pieces of patient data will be impossible to access, making normal operation of your systems impossible.

Once your system is infected, the attacker will often contact you and demand a fee to release the files. This request for payment is often in a cryptocurrency such as Bitcoin, as it’s harder to trace.

Although giving in to these demands may seem like the easy solution, remember that if you choose to pay the attacker there is no guarantee that they will release the files. This is the worst situation to be in: not only will you have spent a considerable amount of money, but your files will STILL be inaccessible, leaving you no better off than when you started and with the added pressure of knowing that the attacker can always demand more money.

Attackers tend to target the businesses that they believe will be the most vulnerable. In fact, research shows that around 62% of ransomware attacks were on small to medium-sized businesses. Smaller businesses are more likely to have less sophisticated cybersecurity in place than giant corporations, which makes them a prime target for these attackers, especially when there is valuable information such as patient data on the line.

How can Ransomware appear on your system?

  • Phishing emails. Phishing emails are designed to look like they have been sent from a trusted source (e.g. retailers such as Amazon, or your bank) and will include a link or sometimes a downloadable file. If this link is followed or the file is downloaded, it will infect your system.

  • Visiting an infected website where the malicious software is downloaded without your knowledge.

  • Social media and instant messaging on established platforms like WhatsApp and Facebook. Much like phishing emails, this will often involve a link being sent by a hacked account via instant messaging. Even profiles of trusted friends can be hacked, so be careful about what links you follow. Attackers will also exploit vulnerabilities in web servers.

  • Staff plugging untrusted or unverified external USB drives and sticks into machines.

  • Weaknesses at router level if remote connections are created and not diligently managed and locked down. 

How can you prevent Ransomware?

  • Make sure that you keep your operating system up to date (run Windows updates).

  • Don’t install software from sources you haven’t verified or from anything other than official vendors. 

  • Install antivirus and anti-malware software that detects malicious programs before they are installed.

  • Don’t click on any links in emails unless you are certain of where they have come from and where the link leads.

  • Make sure that you back up your files frequently and automatically.

  • Backups MUST be external and not leave the UK. Cloud-based backup is preferable, but a USB drive is sufficient as long as it is unplugged and not left in the practice each night. It goes without saying that any external media must be encrypted.

You might want to look into online resources that can help you and your staff learn how to tackle ransomware. Some links are below.

How to Spot a Phishing Attempt: https://barracudamsp.com/resources/spotthephish/

Information from NCSC on Ransomware: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks

If you would like to know more about how Carestream Dental can help protect your practice with our Hardware Support, Online Back-Up and Internet Security, please contact the team today.


Contributors
The Digital Stream UK Carestream Dental Blog Administrator