The ADA is hit by Ransomware
American Dental Association (ADA) Ransomware Attack is an Imminent Threat for Small Dental Offices
The American Dental Association was a victim of a Ransomware attack this weekend. A new hacker group called Black Basta claimed responsibility for the attack. The ADA initially posted on their website that they were experiencing technical difficulties but have since emailed members to loop them in about becoming a victim of a Cyber Attack. The attack interrupted the ADA’s chat, email, telephones and several other online services, forcing them to take their systems offline.
Black Basta reportedly hijacked data which includes employee W-2’s and ADA Membership information. They claim to have released approximately 30% of the data so far.
It is probable that Black Basta intentionally besieged the ADA to get a list of private, individual dential professionals. With this list, they can launch smaller, more targeted attacks on under-protected offices, such as those with in-house IT or with a ‘tech savvy’ team member (such as a lab tech, hygienist, or a dentist) trying to manage the IT and networks.
In addition to this ransomware attack, ADA members should expect a series of Phishing attacks in their email inboxes (possibly from a spoofed address), in an attempt to gain login information. Once the hackers have login credentials, it is an easy, small step to gain access to company network, releasing another set of Ransomware.
The common misconception that a small office is an unlikely target in these ransomware attacks is not only wrong, it’s dangerous. This is especially concerning because most small dental offices do not have adequate resources dedicated to their cyber security. Protections such as selecting a network admin or engaging a professional IT company over in-house or one-man support can significantly boost security.
According to the article on bleepingcomputer.com, in regards to small offices,
“This lack of dedicated IT personnel typically causes their networks to be less secure than larger corporations with a significant security budget.”
Hackers often take the path of least resistance. It takes less time to breach a minimally secured system than a heavily protected one. While bigger corporations often have larger sums of available funds to pay ransom, it is easier to hit many smaller offices, resulting in a bigger payday for the hackers. Many Dentists and Office Managers are under the impression that it would cost them a fortune to afford quality IT Services, but this is no longer the case.
What steps can you take to better protect yourself?
If you’re already one of our clients, you don’t need to worry as long as you and your staff are following our recommendations about security measures.
If not, give us a call at 541-494-2099 for a no cost, no obligation Cyber Risk Assessment. We can identify areas where your security needs beefing up and provide you with an action plan. Even IF you already have an IT person/company, it never (especially now) hurts to have a second set of fresh eyes review your protocols and settings to ensure that you are FULLY protected!
The ADA is currently working with a third-party IT Company and Law Enforcement, and therefore cannot release any more specific details regarding the attack as it is an ongoing investigation.