Smaller Dentist Offices Can Get Hit With Ransomware Too

Smaller Dentist Offices Can Get Hit With Ransomware Too

The trend of doing business online, such as making online payments, storing data in the cloud, and organizations utilizing a remote workforce, has grown exponentially over the past few years. Cyberattacks, such as ransomware, have also escalated.

For many years, cyber criminals would only attack large corporations such as governments, hospitals, universities, and most recently, the Colonial Pipeline and the world’s largest meat processing company, JBS. Small businesses were never really a target. However, times have changed and any organization who conducts business online or through computers, no matter how large or small, is at risk of a ransomware attack.

In fact, according to Tech Times, 71% of ransomware attacks are now targeting small businesses. What does this mean for your dentist office? What could happen to your business if you become a victim of a ransomware attack? How can you prevent cyber attacks?

What is Ransomware?

Ransomware is the most drastic and sinister of the different types of cyber attacks. Ransomware is malware that employs encryption to hold a victim’s information at ransom. When someone clicks on a bad link in a phishing email or downloads a bad email attachment, the ransomware is activated and can take over a computer or an entire network.

Ransomware can also infect a system by being delivered through security holes without a user taking any action at all. Some unsupported and older versions of Microsoft Windows are generally vulnerable to these attacks. Newer systems that aren’t updated with security patches can be vulnerable as well.

There are two main types of ransomware:

• Locker Ransomware – This will lock users out of their devices. A cybersecurity expert may be able to restore access.
• Crypto Ransomware – This encrypts a user’s data. Access to the data will be unattainable without a unique decryption key, which may or may not be provided by the hackers.

Once a cybercriminal has hijacked your computer or network with ransomware, the computer will display a message about the attack and will demand a payment, usually in cryptocurrency, or threaten to destroy or publish your sensitive data if payment isn’t received within the time allotted.

What are the Costs of Ransomware Attacks?

The estimated costs of ransomware attacks vary for different business sizes and go way beyond the ransom itself. Aside from the ransom cybercriminals demand, costs can incur through significant downtime, loss of customers and potential new business, and, in the worst-case scenario, ransomware can shut your business down for good.

According to PenTest Magazine, ransomware cost businesses $11.5 billion in 2019 and approximately $20 billion by the end of 2020. The average ransomware demand for large organizations was about $178,000 in 2020, and approximately $5,900 for small businesses.

How Often is Dentist Office Hit by Ransomware?

Ransomware attacks have become so common they are now calculated in seconds. Every 14 seconds, a new company was affected by ransomware in 2019. By 2021, it is estimated that a company will be hit by ransomware every 11 seconds.

Small businesses have become targets of ransomware attacks more frequently recently. Of all reported attacks in 2020, 55% hit businesses with fewer than 100 employees.

How Should You Protect from Ransomware Attacks?

It is so important for every business to plan and execute a solid cybersecurity defense strategy. Ransomware is preventable and with the right security measures in place, you can protect against attacks. Some security measures include:

• Invest in antivirus programs
• Scan computers with antivirus software regularly
• Configure your firewall to prevent ransomware
• Train your employees on best practices
• Back up your business data on a regular basis and store at least one copy off-site
• Keep your operating system’s security patches up to date
• Filter emails to prevent spam from reaching employees
• Limit the number of admin privileges given to employees
• Switch to a multifactor authentication
• Run risk assessments to check for vulnerabilities

What Should You Do if You Become a Victim of a Ransomware Attack?

1. Quarantine – Immediately isolate the infected computer or system. This will prevent the ransomware from spreading. Turn off all machines and disconnect them from the network.
2. Remove – Remove the malware and identify any security weaknesses. Once the malware is removed, change all passwords immediately.
3. Inform – It is important to inform all employees of the attack first. Next would be to notify your local law enforcement and the FBI. Finally, with the possibility of considerable downtime, it may be wise to inform clients and customers about potential issues.
4. Contact – Contact your IT partner to help with response and recovery. You should also contact your insurance agent right away if you have cyber liability insurance. The insurance policy should cover the costs of the ransom itself, business interruption expenses, hiring an expert to repair the flaw, and notifying customers.
5. Plan – The next step is to plan how your organization will respond.
6. Try to regain access – If you were hacked by a Locker Ransomware, a cybersecurity expert may be able to remove the ransomware and regain access.
7. Restore the data – The most recent version of your backed up data may. Be recoverable.
8. Abandon the data – Whether the data was backed up or not, you may choose to simply abandon the data completely. The data may not be that important to critical business operations.
9. Pay the ransom – Paying the ransom does not guarantee you will receive your data back nor will it guarantee that you won’t be hit again.

Should You Pay the Ransom?

It is not suggested to pay cybercriminals the ransom demanded. Most businesses, especially small businesses, cannot afford to pay ransomware groups to decrypt their data. It was reported that 56% of businesses hit by ransomware recovered their data through back up efforts. An additional 12% of businesses used other means to recover their data without paying the ransom. Approximately 26% of businesses hit actually paid the ransom.

Paying the ransom can lead to many more issues. Doing so can encourage cybercriminals to keep up their efforts in victimizing as many businesses as possible. Furthermore, paying a ransom does not mean you will receive your data. If enough time has passed, cybercriminals can gain access to information that will allow them to inject even more malware so that the same organization can be hit a second time by a ransomware attack.

All businesses, no matter how large or small, are targets for cybercrimes right now. Ransomware has become the most frequent cyberattack on all businesses. Having the right security measures in place, along with a continuity plan, is the best way to protect your data and your organization from falling victim to a cyberattack.

As a leading IT support company for Dentists, Orthodontists, and Oral Surgeons in Northern Virginia, Nova Computer Solutions is your trusted advisor in helping you get the right technologies at the right price. Reach out to us today so we can make sure your business is protected from cyberattacks, including ransomware. Call us at (703) 493-1796 or send an email to info@novacomputersolutions.com.