Ransomware, phishing attacks target dentists
August 30, 2019
Two recent incidents serve as reminders that ransomware and phishing attacks can affect dentists.
Hundreds of dental practices were impacted Aug. 26 by a ransomware attack against DDS Safe, a data backup system provided by a subsidiary of the Wisconsin Dental Association, and PerCSoft, a technology provider in the dental industry.
In a message to Wisconsin Dental Association members Aug. 30, Executive Director Mark Paget said the Wisconsin Dental Association Insurance and Services Corp. and PerCSoft were investigating the scope of the attack with the FBI’s Cyber Crimes Task Force to determine next steps.
As of Sept. 5, PerCSoft was continuing to put clients back online, with the goal of returning everyone to full operations as quickly as possible, corporation President Mara Roberts said in an email to DDS Safe customers.
The corporation and PerCSoft also were working with a national, independent forensic team to investigate the incident, ensure it was contained and prevent future attacks, Ms. Roberts said.
Ransomware is a type of malware that denies access to a computer system or data until a ransom is paid. Law enforcement does not recommend paying a ransom, but it is ultimately up to businesses to decide if the risks and costs of paying are worth the possibility of getting their files back, according to the Federal Trade Commission.
DDS Safe facilitates secure data backups for dental practice computer systems. It is provided by The Digital Dental Record, which offers IT products and services to dentists.
The investigation had not detected any type of data compromise as of Sept. 5.
"If that changes, and investigators confirm that the attack released private business and patient data vs. simply locking it, DDS Safe and PerCSoft will immediately communicate that to impacted clients and assist them in complying with the appropriate next steps," Ms. Roberts said. "The team is fully aware of the possible reporting rules and deadlines, and is working tirelessly to determine the extent of notification – if any – that may be required."
Some affected dentists may have been contacted by outside consultants wanting to sell specialized IT and identity restoration services in the wake of the incident, but Ms. Roberts urged them to exercise caution when following advice from consultants who are not familiar with the details of this incident, as well as their practices and systems.
The corporation also advised impacted dentists to contact their business insurance, cyber insurance and professional liability carriers to determine if coverage is available and start the claims process.
"We regret the frustration and difficulty this situation has caused and have devoted all resources to resolving it as quickly and completely as possible," Ms. Roberts said.
In a separate incident in late August, three American Dental Association members contacted the ADA to report they received a phishing email signed with President Jeffrey M. Cole’s name that included the ADA logo in an attachment.
A phishing email disguises itself as coming from a trustworthy source in an attempt to obtain sensitive information, such as usernames and passwords, or to deploy malware by tricking the recipient into clicking on a link or opening an attachment. Dr. Cole did not send the email.
If recipients opened the attachments, clicked a link and entered their email address and password, they should change that password as soon as possible. If they use that same password for any other online account, they should change those account passwords as well.
The Federal Trade Commission recommends that phishing victims forward phishing emails to firstname.lastname@example.org and email@example.com and report the incident to the commission at FTC.gov/complaint.
This phishing scam appeared to be a targeted attack to capture dentists’ passwords, with no malware attached.
The ADA Center for Professional Success offers several ways member dentists can protect themselves against cyber attacks.
Steps include training staff on basic data security, backing up data regularly and keeping a copy off-site, being wary of attachments and web links included with suspicious emails, and maintaining cyber defenses such as anti-virus and anti-malware software.
To learn more, visit Success.ADA.org.
The ADA also offers a continuing education course on phishing and ransomware at ebusiness.ADA.org.