Ransomware is bad and getting worse. The price decline of patient records has driven cyber-criminals to change their tactics and look for new ways to supplement the downturn.
As reported on the ZDnet website, Satan Ransomware-as-a-service (RaaS) platforms give cyber-criminals the ability to spread Ransomware in return for subscription payments. Dark Web developers automatically take 30 percent of revenues off cyber-attackers using Ransomware-as-a-service in their campaigns.
Think about this for a moment. Random criminals can subscribe to a platform that generates Ransomware with dashboard readouts and other features that track infections. Ransomware-as-a-service is creepy. Read story
Dental practices should prepare for Ransomware
Ransomware is a type of malicious software designed to lock important patient files or computer systems until a sum of money is paid. Digital extortion. The attacker encrypts the victim’s data and demands payment in return for the decryption key.
Do these things to protect your dental practice from Ransomware!
Take this 2017 HIPAA Risk Assessment: The Risk Assessment is a systematic process of evaluating potential risks within your practice and required by law. Your patients will appreciate your commitment to protecting their private information.
Make offsite backup and recovery a priority: After a Ransomware attack, the first question an IT ro will ask is whether you have a clean backup. Successful backup files are the only ones that count so make certain that a recent clean copy is stored offline safe from Ransomware. Restoring your files is a race against the clock. It can take anywhere from 15 minutes to days depending.
Step up to the cloud: using dental cloud software-as-a-service and direct image capture then pat yourself on the back. SaaS is software licensed on a subscription basis and centrally hosted in the cloud. Ransomware cannot attack in-office data that isn’t there, but instead stored in the cloud. Not all dental SaaS cloud vendors are equal so do your homework.
Keep software current: Antivirus and anti-malware services are highly recommended. Security vendors constantly work on definition updates to catch malware before it infects your files. Confirm you are running the most recent versions of all software and install regular updates and patches.
Train your staff: Human error is the weak link in a Ransomware crisis. In most cases, malware is downloaded by a practice member surfing the web, opening a link or attachment in a phishing email.
Create a Ransomware and malware disaster recovery plan: Each member of your staff that uses an office computer needs to understand your practice’s data security plan in order to avoid the devastating effects of a Ransomware attack.
The final word
Satan Ransomware-as-a-service is creepy. The mere thought of developing a “for criminals by criminals” service that spreads Ransomware is stomach turning. Society has changed and so must we.
Evaluating potential risks within your practice is the best place to start. Take your complimentary 2017 Risk Assessment today to recognize your vulnerabilities. A few minutes of your time will help protect your practice from Ransomware.
Back up your patient data often and make certain that a recent clean copy is stored off-network safe from Ransomware. Recovering your files is a race against the clock. It can take anywhere from 15 minutes to days. 15 minutes is good – days is not! Backup and recovery solutions are not created equal so do your homework.
