Last week, a Colorado IT Support company suffered a major ransomware attack shutting down networks of over a hundred dental practices.
People on the front lines fixing this particular attack in Englewood, Colorado explained that a ransomware virus known as “rEvil” installed on over 100 dentistry practices around the country. These dental offices were impacted across the board—network security, data backup, phones systems and more—all shut down from one well-targeted attack.
There have been an alarming number of ransomware attacks targeting dentists, among other facets of healthcare this year.
What do analysts see on the horizon? MORE attacks in 2020.
In 2019 alone, security experts have found over 16,000 new ransomware modifications designed to evade detection and penetrate undetected. Hackers are hungry to get to your data—it’s more than just getting paid for them, it’s winning the game.
Right now they’re winning.
So… How does an attacker usually get into a network like the ones we’ve been seeing in the news?
There are a couple of phases that pretty much all attacks comprise of:
Delivery stage—every hacker needs to devise a way his or her virus gets onto a machine on your network. The most common ones we’ve been seeing in 2019 have been letters with links and attachments or penetration through a specific vulnerability that has remained on your network after a security patch or update was produced. While both attacks are extremely effective, phishing campaigns remain the easiest for cyberattacks.
Execution—once on your network, the virus may lay dormant for some time until the virus spreads, executes and encrypts files on your network.
Ransom demand—with every ransomware attack, there comes a demand. In the case of many recent cyberattacks, the cybercriminals are demanding large sums of money—the type of sums that will not be as easy as a withdrawal from your checking account.
Data Decryption—if you decide to pay the ransom, the hackers will send you a decryption tool (that is, if they actually do what they say they’re going to do). This process can take weeks to recover your files, depending on the complexity and size of your network. In many cases, the decryption is buggy and might leave files misnamed or some files may remain encrypted. A big concern with healthcare records is that there is really no way of knowing for certain that the decryption tool did not alter your patient records in some way.
2020 will be even worse.
Many security experts evaluating the recent attacks in Q4 of 2019 believe 2020 to bring increased ransomware activity. The threats will grow in volume, but more concerning, in sophistication.
Many leaders in the cybersecurity community believe criminals will shift their attacks to more targeted attacks. That means that perhaps they will devise campaigns specifically for dentists, making phishing campaigns more direct to you or attack systems they know all dentists use.
They are planning on making your network less recoverable.
Another concern in 2020 is that you may not be able to recover your network from an attack. Experts are seeing new ways that criminals are attacking data backups, leaving some in the cybersecurity community to fear that recovery may be a bigger issue next year. Even more, many attackers are starting to publish the data they steal if their ransom does not get paid.
How can you start making sure your network is secure against ransomware?
Proactively prepare—make sure your IT provider or team updates your operating systems to eliminate vulnerabilities. If there is not easy way to apply updates, at least make sure that computer is quarantined off from the rest of your network.
Keep security working—make sure you are using a robust security solution. Make sure your cybersecurity is updated by always installing the latest patches.
Stay attuned to backups—backup your data regularly and make sure you are storing it off of your network where a hacker cannot find it.
Avoid paying ransoms—paying ransoms only encourages more attacks on you. In fact, criminals will hit your office again if you decide to pay. It’s only a matter of time.
Get a second opinion—most experts recommend a network security assessment from a fresh pair of eyes to make sure your network is being protected as it should.