American Dental Association Ransomware Attack is an Imminent Threat for Small Dental Offices
The American Dental Association was a victim of a Ransomware attack this weekend, with a new hacker group called Black Basta claiming responsibility for the attack. The ADA initially posted on their website that they were experiencing technical difficulties but have since emailed members to loop them in about becoming a victim of a Cyber Attack. The attack interrupted their chat, email, telephones and several other online services, forcing the ADA to take their systems offline.
Black Basta reportedly hijacked data which includes employee W-2’s and ADA Membership information. They claim to have released approximately 30% of the data so far.
It is probable that Black Basta intentionally besieged the ADA to get a list of members such as you. With this list, they can launch smaller, targeted attacks on under-protected offices, such as those with in-house IT or with a ‘tech savvy’ dentist (or someone in another role, such as a lab tech, hygienist, etc) trying to manage the IT and networks.
In addition to this ransomware attack, ADA members should expect a series of Phishing attacks in their email inboxes (possibly from a spoofed address), in an attempt to gain login information. Once the hackers have this, it is an easy and small step to gain access to company network, releasing another set of Ransomware.
The common fallacy that a small office is not a target in these ransomwares attacks is not only wrong, it’s dangerous. This is especially concerning because most small dental offices do not have adequate resources dedicated to their cyber security, such as choosing network admins or an IT company over an in-house or one-man support.
According to the article on bleepingcomputer.com, in regards to small offices,
“This lack of dedicated IT personnel typically causes their networks to be less secure than larger corporations with a significant security budget.”
Hackers often take the path of least resistance. It takes less time to get into a minimally secured system than a heavily protected one, and while the bigger corporations often have larger sums of funds at their disposal to pay ransom, it is easier to hit many, smaller offices resulting in a bigger payday for the hackers. Many Dentists and Office Managers are under the impression that it would cost them a fortune to afford quality IT Services, but this is no longer the case.
What steps can you take to better protect yourself?
If you’re already one of our clients, you don’t need to worry as long as you and your staff are following our recommendations about security measures.
If not, give us a call at 541-494-2099 for a no cost, no obligation Cyber Risk Assessment. We can identify areas where your security needs beefing up and provide you with an action plan. Even IF you already have an IT person/company, it never (especially now) hurts to have a second set of fresh eyes review your protocols and settings to ensure that you are FULLY protected!
The ADA is currently working with a third-party IT Company and Law Enforcement, and therefore cannot release any more specific details regarding the attack as it is an ongoing investigation.