Electronic records can protect patient files from office catastrophes such as fire or natural disasters, but storing your patient database electronically poses other dangers. In a story that is becoming all too familiar, a Minnesota dentist learned this the hard way after his patient data was held hostage by computer hackers.
Dr. Lloyd Wallin’s Burnsville, Minn. practice was targeted twice in one week by the hackers, who blocked Wallin’s access to his own patient database. The hackers first demanded $1,000 in ransom to release the files, and four days later followed up with a demand for an additional $600. Wallin, who traded in his paper system for an electronic one earlier this year in compliance with state mandates, paid over $70,000 for the electronic system.
“It bothers me that the state made us go into this and they have no provision to protect us from hackers,” Wallin told FOX News. “We had no access, we didn’t know the patients who were coming in, we couldn’t take X-rays, everything was shut down.”
The hackers broke through two viral protection systems to get access to the patient database. A spokesperson for Erikson Technologies, the hardware provider for Wallin’s office, said that they service 600 dental offices. Of those 60, 20 practices have fallen victim to ransomware attacks in the last year. A breach in California in January prompted the California Dental Association to release a statement warning dentists of the risk.
Ransomware is usually spread through phishing emails that contain malicious attachments or links to infected websites that install malware onto the user’s computer without their knowledge, allowing the hacker to steal information from the hard drive. Ransomware is a persistent problem because traditional protection systems, such as antivirus software, are ineffective in thwarting such attacks. A specific form of ransomware, called “crypto-ransomware,” encrypts information on a user’s computer instead of stealing it, making the data inaccessible to anyone but the person who installed it, effectively holding the entire system hostage.
Practices that are targeted by crypto-ransomware are informed of the infiltration by an on-screen alert stating that the computer has been locked down or encrypted, and that a ransom must be paid to restore access. Instructions on how to pay the ransom are included. Messages are designed to instill fear in the victims, tricking them into clicking on links. The Homeland Security website lists examples of these pop-up messages, such as "Your computer has been infected with a virus. Click here to resolve the issue," or "Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine."
Homeland Security also recommends against paying ransoms, as there is no guarantee that the encrypted files or programs will actually be released, or that the malware infection itself was actually removed from the server.
Wallin paid the $1,600 to regain access to his server and is working with a software advisor to better safeguard his system.