Ransomware attack leaves 100 dental practices struggling

By Melissa Busch, DrBicuspid.com associate editor

December 11, 2019 -- A company in Colorado that specializes in providing IT services to dental practices experienced a ransomware attack that has been plaguing operations at about 100 dental offices since November, according to news reports.

Multiple customers told KrebsOnSecurity on December 7 that Englewood-based Complete Technology Solutions (CTS) was hacked, and ransomware infected and locked the systems of approximately 100 dental offices that use the company for services, including data backup, network security, and voiceover-IP phone service.

Complete Technology Solutions was struck on November 25 by a strain of ransomware known as "Sodinokibi" or "rEvil," which is the same strain that struck dental IT provider PerCSoft, encrypting the files of about 400 dental businesses in August 2019. Some practices continue to be affected with outages and are still trying to recover from the November attack.

CTS declined to pay an initial $700,000 ransom demand for a key to unlock infected systems at all customer locations. Dental practices began complaining about the situation, including the continued lack of access to their patient files, the loss of income, and the possibility of paying their own ransoms to free their files, in a private Facebook group.

Some dentists have claimed that CTS told the practices they will have to pay their own ransoms. Representatives from CTS have yet to comment.

Other issues complicating restoration efforts include some dental practice victims receiving multiple ransom notes and encrypted file extensions. Therefore, some practices were only able to unlock some of the scrambled files with the decryption keys provided by the attackers.

New York-based cybersecurity firm Black Talon Security has assisted some dental practices with recovery. The company reported that one network it worked with had to turn in about 20 ransom notes to fully recover. Unfortunately, the attackers likely are to make more money than if CTS had paid the initial $700,000 ransom note.

Attackers likely gained access to CTS' clients through a remote administration tool the company uses to remotely configure and troubleshoot systems at its customers' dental offices. Clients did not require additional authentication to use this tool, according to reports.

What you need to know about cyberattacks and your dental practice
Hackers are getting more sophisticated, and ransomware has become the most common type of cyberattack. Cybersecurity and privacy expert Debi Carr discusses...
4 steps to protect your practice against cybersecurity attacks
You have spent many years training to become a dentist, growing your practice, building your reputation, and developing a loyal patient base. It is now...
The new target that enables ransomware hackers to paralyze dozens of towns and businesses at once
Recent attacks on dental clinics illustrate a new and worrisome frontier in ransomware -- the targeting of managed service providers, to which local governments,...
400 dental practices hit by ransomware attack
About 400 dental practices across the U.S. lost access to critical electronic files after a recent ransomware attack.
Hackers demand $10K from Fla. dentist
A ransomware attack on a Florida dental office instructed a local dentist to pay $10,000 to retrieve encrypted accounting files.

Copyright © 2019 DrBicuspid.com