Published 09 Sep 2019

Hundreds of dental clinics around the United States were denied access to their dental records recently, as cloud-management provider PerCSoft was affected by a ransomware attack.

PerCSoft manages a service called DDS Safe, which remotely stores medical charts and records, personal information, and insurance documents for some dental practices in the United States.

A ransomware attack typically involves infecting host computers through a virus or worm. Once in control of a host machine, a malicious hacker can identify and encrypt important data. Without access to such important data, a company’s operations can be severely compromised. The attack is accompanied by a ransom demand for a certain sum of money, usually to be sent to an untraceable cryptocurrency address.

PerCSoft encountered the attack on Monday, August 26. Not all dental offices that use DDR Safe were affected, but the Wisconsin Dental Association’s director of communications, Brenna Sadler, indicated that around 400 dental offices had their data encrypted by the ransomware, with perhaps as many as a hundred already having their files restored at the time. No details have been disclosed about the amount of the ransom demand.

It is also unclear whether one of the involved parties paid the ransom demand. In a Facebook group for dental sector IT professionals, however, users provided screenshots that suggested the ransom had been paid. One screenshot showed the decryption tool for REvil, which is a relatively recent and very advanced strain of ransomware.

Some dental practices were concerned about not being able to process their payroll, while others reported that the decryption tool they had been provided with was unable to completely decrypt their files.

Despite many security firms and the FBI counselling against paying ransom demands, many companies pay up, sometimes with the help of insurance, in order to quickly restore their operations. The public relations director of ProPublica, Minhee Cho, recently talked about this in an email:

“More often than not, paying the ransom is a lot cheaper for insurers than the loss of revenue they have to cover otherwise. But, by rewarding hackers, these companies have created a perverted cycle that encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies. In fact, it seems hackers are specifically extorting American companies that they know have cyber insurance. After one small insurer highlighted the names of some of its cyber policyholders on its website, three of them were attacked by ransomware.”

Of course, one way to avoid fuelling this vicious cycle is to avoid being affected by ransomware at all. With cybercriminals increasingly targeting cloud services, many companies may feel reluctant to embrace cloud technologies and the benefits they can bring, such as greater availability, superior scalability, and lower implementation costs.

Here at Pro-Networks, we are acutely aware of the very real threat from cyber criminals, but rather than avoid adopting cloud technologies, we believe companies should exercise far-reaching due diligence when choosing a provider for managed cloud services, specifically in areas like data protection compliance, technological protection methods and physical security procedures.



Travelex slapped with £3m ransomwar...

Microsoft responds to new Windows h...

UK government warns charities about...