A ransomware checklist

May 29, 2020
Dr. Lorne Lavine

Volume 54, Issue 6

Encrypting data and having a cybersecurity plan in place can help prevent ransomware attacks.

Many practices are starting to see the light at the end of the COVID-19 tunnel and are starting to re-open to the “new normal.” However, there are still many issues related to the “old normal,” as well as this new reality. In my discussions with dental offices all over North America, there is little doubt that fear of the network being hacked and data being compromised is the number one IT concern that dentists are facing.

Ransomware is a specific concern for most offices. The reports of 400 offices in Wisconsin and 100 offices in Colorado all being hit with ransomware last year helped bring this issue to the forefront. For those unfamiliar with what a ransomware virus is, it’s a specific type of malware that locks your critical files and demands that you pay a ransom, always in untraceable cryptocurrency, in order to get the files unlocked. Many dentists are unaware that if you get hit with a ransomware virus, according to Health and Human Services guidelines, you’ve suffered a breach and must follow the Breach Notification Rule, which includes notifying all patients in writing. This would be devastating to any dental office.

The approach I take to dealing with ransomware follows this sequence: Prevent ransomware from getting onto your network, deal with the viruses that do get through, make sure that a ransomware virus can’t get unencrypted data, and have a plan to restore the data without paying the ransom. Let’s evaluate each of these.

The best way to keep ransomware and other malware from entering your network is to invest in a good firewall. While there are no HIPAA guidelines that dictate one firewall as being more compliant than another, I always recommend a good business-class firewall. The firewall that comes with your cable modem or with consumer-level routers like those from Linksys, D-Link, and Netgear are a good start, but there are better options out there. I normally recommend firewalls from companies like Sophos and Sonicwall.

Of course, no firewall is foolproof, especially considering that the vast majority of ransomware enters the office network through email, so you’ll need to supplement the firewall with anti-malware software. While most general-purpose antivirus programs claim to handle ransomware, in my experience, that isn’t always the case. Investing in additional ransomware-specific software is the route to go. I use a software program called Intercept-X. Other good choices are Cryptoprevent and Hitman Pro.

One of the hallmarks of the Breach Notification Rule is that if there is evidence that data is encrypted, you don’t have to declare a breach. There is no reason for offices to leave their data unencrypted. All server operating systems from 2012 onward have a built-in encryption program called Bitlocker. There’s no additional cost, other than getting an IT company to activate this software if you’re not familiar with doing so yourself.

Finally, because not all ransomware attacks can be prevented, practices should have a system in place to recover from this type of cyberattack. Restoring a recent backup is usually the best way to avoid paying the ransom. Having an encrypted backup can help restore data without having to pay the ransom, as most (but not all) ransomware viruses cannot infect an encrypted backup. You absolutely need an offsite backup in case the local backup does get infected. And, obviously, you need to identify where the ransomware virus entered your network and remove it before restoring the backup to prevent a repeat occurrence.

Ransomware is a significant threat to all dental offices and continues to be a major concern. With a pragmatic approach to dealing with these viruses, you can limit your risk and have the peace of mind that your critical patient data is safe and secure. 

download issueDownload Issue : Dental Products Report June 2020