Ransomware and Data Extortion Group: Targeting Health Organizations

Ransomware and Data Extortion Group: Targeting Health Organizations

Ransomware attacks are among the most common ways cybercriminals coordinate attacks designed to obtain patient data. According to the Identity Theft Resource Center, ransomware attacks more than doubled between 2020 and 2021 – from 158 in 2020 to 321 in 2021 – victimizing over 41 million individuals.  

Cyber-attacks are no longer being orchestrated by an individual hacker sitting in their basement, they are coordinated by cybercrime groups. Those of which are targeting health organizations due to the valuable personal identifiable information (PII) and patient health information (PHI) that lies within their data infrastructure. 

This article is sharing: 

  • A recent alert regarding ransomware attacks on health organizations 
  • Steps you can take to protect your dental practice from ransomware 
  • Creating a backup and disaster recovery plan 

Alert from CISA, FBI, and HHS Regarding Ransomware Attacks on Health Organizations 

A recent joint alert presented by Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) warn of a cybercrime group – Daixin Team – that is actively targeting the U.S. Healthcare and Public Health (HPH) sector through ransomware attacks. 

“Since June, Daixin Team attackers have been linked to multiple health sector ransomware incidents. They've encrypted systems for many healthcare services, including electronic health records storage, diagnostics, imaging, and intranet services.

Daixin Team ransom note (CISA/FBI/HHS)

They're also known for stealing patient health information (PHI) and personal identifiable information (PII) and using it for double extortion to pressure victims into paying ransom under the threat of releasing the stolen information online.”

Preventing Ransomware

Protecting your practice from ransomware is a complex endeavor involving both technology and education. You need the right tools, the right information, and the right business processes. 

To help ensure that your dental practice is thoroughly prepared, here are a few key steps to protect your data:

  1. Enable multi-factor authentication on all accounts. Ensuring that all users for all your accounts use multi-factor authentication (MFA) is an essential step to prevent ransomware and improve your cybersecurity in general.
  2. Perform regular external backups, and quarantine them from your network as soon as they’re completed. Keep archival history as much as possible. 
  3. Train employees on detecting suspicious emails, links, and websites. Human behavior is often the culprit in spreading malware, such as clicking an email phishing link or social media clickbait. Proper training can minimize risk by educating staff. 
  4. Keep all enterprise software updated with the latest releases and patches. Software firms continually improve security, and outdated software puts your business at risk. 
  5. Along with preventative measures, create a backup and disaster recovery plan. If ransomware encrypts your systems, you’ll be better prepared to cope if you have plans in place to continue operations and speed up recovery. 

What is a Backup and Disaster Recovery Plan?

Creating a backup and disaster recovery plan (also known as a BDR plan) can prepare your dental practice for several unexpected events and have you back up and running much faster. Planning is always important when we look at disaster recovery from an IT perspective. It’s setting up another layer of technology, plans, and procedures, and ensures trained personnel are there to respond to any potential work-stopping events. This could include many types of disasters, such as: 

  • Internet outages
  • Hardware failure
  • Software corruption
  • Ransomware/ cyber attacks
  • Power outages
  • Natural disaster
  • Theft

We wouldn’t want any of these events to happen to us, but they could. It’s always best to be prepared for all of these circumstances than not.

Ransomware Can Happen to Anyone

Ransomware and cybercrime are on the rise. And costs to businesses are increasing. Education and preparation are the best defenses against cybercrime. Responsible management needs to be proactive. Threats are real, cybercriminals are serious, and today’s IT professionals need to arm themselves with the tools and the knowledge to keep their companies safe. 

Pact-One consultants proactively manage IT environments and are available to provide you with the tools and knowledge you need to keep your practice safe. Our priority is to help prevent the risk of sensitive data being accessed and exploited, so our clients can focus on growing their practices with the peace of mind provided by Pact-One’s world-class service.

Avoid losing your business to data loss. Get our FREE eBook to learn how.Download now