The True Costs of a Ransomware Attack
I started writing this post months ago as a spate of ransomware events rocked the dental and medical community. It seems almost intertwined with COVID-19 and in a lot of ways they are inextricably linked. Some of the safety measures we have taken as businesses, in terms of working from home and our reliance on technology, have left more of us vulnerable to an attack.
After I wrote a post on the Anatomy of a Ransomware Attack, a dentist wrote to me about her firsthand experience. She was attacked through her IT service provider, and the attackers encrypted and ransomed all of her patient data by first attacking and locking her backups. The office was in a small town, and the practice doesn’t stand out other than that it was connected to a larger IT firm that specializes in dental offices and support. In this case, as with so many others, there was no great neglect on the part of either business, and that is what makes ransomware so scary. The IT provider was regularly backing up the office, and the office had spent the time and care to take precautions to be prepared. The one weak link was that they were not using an air-gapped backup; you can find out more about air-gapped backups, and how we implement them, here.
The true costs associated with an attack like this are not only the ransom being demanded but also the days of production lost, the hardware that had to be replaced, the patient data that was at risk of being exposed, the legal fees, the consulting fees and the hours spent coordinating and architecting a whole new office network. Because their backup system was attacked, they lost all of their patient data, and their IT system was still not up and running 2 weeks later. The dentist stated that total costs to the practice were more than $200,000. According to our cybersecurity team, that is not far off what they regularly see when it comes to dental office attacks.
Being prepared starts with a good team and a good plan, and it begins with your IT provider. Work with them to identify where you are vulnerable and where you need additional team members to strengthen your defenses. This team could include cybersecurity specialists, network specialists, insurance providers, HIPAA consultants, lawyers, and even the FBI. Create a plan, and practice it just like a fire drill.
The FBI is our leading cybersecurity task force. When a breach occurs, they should be your first call as they assist with the legal aspects. They have a vested interest in keeping you safe and have several recommendations for how to prevent and handle ransomware incidents:
Keep operating systems, software, and applications current and up to date.
Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
Back up data regularly and double-check that those backups were completed.
Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
Create a continuity plan in case your business or organization is the victim of a ransomware attack.
The FBI does not recommend paying the ransom; however, here is where it gets complicated. They are not the health department, and when it comes to patient data, dentists must work with their health department, insurance providers and attorneys to determine the best course of action.
One thing that the FBI, cybersecurity firms and we all agree on, however, is that ransomware prevention and resolution is a team effort. We need to work together to create a safe space for dentists to practice and feel confident that if the worst does happen, there is a path back to safety and business stability.
At Siligent, we have an IT team ready to help you. Our knowledgeable guides, made up of service, dental, cybersecurity and IT professionals, would be happy to help you build a good team and a good plan to defend your business against ransomware attacks. Contact us to get started!