HACKED: Why cybersecurity for dental clinics is critical

When a dental clinic got locked out of its files

TLDR

A cautionary tale from a Toronto dentist that tells us why cybsersecurity for dental clinics is critical. In fact this is applicable for all healthcare organizations in Canada today. The clinic was hit with a ransomware demand of $150,000, but was saved as they had cybersecurity precautions in place. Goes to say that having good security hygiene, protocols & training in place can eliminate the ‘root canal’ pain for your business.

Table of Contents

“Violated”

That’s what a Toronto dentist felt when he learnt that his office’s computer network had been attacked with ransomware.
Recounting the experience, he says, “It was terrible”. “My wife was even nervous about sleeping at home.”
The impact? 19 out of the clinic’s 22 computers became encrypted. True mayhem ensued. For atleast a day staff were locked out of digital files and had to take notes on paper. As you can imagine, critical patient appointments & follow-ups went for a toss. That day it hit home why cybersecurity is critical for dental clinics & healthcare organizations everywhere.
Reported by CBC News, they decided not to identify the dentist to avoid making his clinic a potential target again.
A message left on the infected machines read “Ryuk,” identifying the ransomware as the same strain that hit three Ontario hospitals and health-care facilities in Alabama and Australia.

Really Lucky

“We were really lucky,” the Toronto dentist said. “At least we had a good backup.”
Patients soon started receiving phishing emails — messages meant to trick users into giving hackers access to the recipient’s computer or data.

This note, which CBC printed out, was left on computers at a Toronto dental clinic hit with Ryuk ransomware. (Submitted by clinic & shared by CBC News)

Ransomware typically encrypts files, with attackers demanding a digital currency payment from victims in order to release the data.

The Ryuk malware is known to store a ransom note in infected computers. (Thomas Daigle/CBC)

Ryuk, a form of ransomware, allows hackers to view a computer’s files and gather information for several weeks, unbeknownst to its victims.

'Definitely at risk'

When you stop to consider that numerous banks like Silvergate Capital, Silicon Valley Bank, and Signature Bank of New York collapsed in March 2023, followed by First Republic Bank in May; you realize that financial institutions are hurt most by fraud. Of these banks, Signature and Silvergate suffered from their links to the highly unstable cryptocurrency market which first boomed, and then went bust. Another major threat to banks is the creation of a fraudulent ID, also known as “Frankenstein ID”, which is created by an amalgam of real and fake information about malicious actor/s to create a synthetic identity. Such people rob banks by getting loans which cannot be recovered, nor can they be prosecuted as they do not exist in official (federal or state) records. The biggest challenge for the enforcement authorities remains crime which is cyber generated, or is rooted in digital manipulations.

This unfortunately is not new. The Toronto dental clinic is just another target in a series of ransomware attacks hitting Canadian networks, particularly in the health-care field. A string of the Ontario municipalities — including Woodstock, Stratford and The Nation — have previously fallen victim to ransomware.
Canadian healthcare clinics are increasingly being targeted by a wave of global ransomware attacks, said Toronto based cybersecurity expert Amit Sarkar, CEO & partner with the global security & compliance firm FriggP2C.
“And the worrying aspect is that most healthcare organizations are unprepared,” he said. “They are most definitely at risk.”

Cybersecurity is critical

A survey of Canadian organizations found the vast majority (88 per cent) experienced a data breach over the last 12 months. A research by the U.S.-based cybersecurity firm Carbon Black also found 82 per cent of Canadian companies surveyed reported an “increase in overall attack volume.” This underlines why cybersecurity for dental clinics is critical, many of them currently at risk.
“The criminal syndicates of the world … are laser-focused on targeting hospitals and municipalities’ emergency management systems,” because of their importance in critical situations, said Tom Kellermann, Carbon Black’s head cybersecurity strategist.
“[Criminals] recognize that ransomware is far more impactful in these types of organizations due to their mission.”
Data breaches also happen due to employee errors. “While some of these instances might be criminal in nature, several of these stem from ignorance of proper security protocols”, says chief compliance expert Harini, of FriggP2C. She stresses the importance of regular security audits & training to ensure healthcare organizations not only protect customer data (PHI), but also information that can impact the business (revenue) side of the setup. “It’s just as important & mandatory as regular fire drills”, she stresses – underscoring why cybersecurity is critical for dental clinics & other healthcare entities alike.

Free fix?

The RCMP discourages victims from paying ransom.
But even though cliché, the phrase ‘Prevention is better than a cure’ still stands strong. And, luckily it doesn’t really cost a lot. Registered organizations like FriggP2C provide guidance, resources & certain audits free of cost to small & medium healthcare organizations.
In many cases, hacked organizations with small information technology departments may hire outside firms for help regaining access to files. An online service, likely little-known to Canadians, can also sometimes do the trick for free.

The No More Ransom Project — an initiative involving the European Union’s law enforcement agency, Europol — offers tools on its website to unlock files encrypted with malware. The service is available to users around the world, including in Canada.
New Zealand-based Emsisoft acts as a project partner, lending decryption tools to the initiative.
Europol’s European Cybercrime Centre is one of the partners involved in the No More Ransom Project. (Ilvy Njiokiktjien/EPA)
Callow said Emsisoft is mainly an anti-virus company, but it provides ransomware-fighting tools as a “public service.”
He stresses though that ransomware often causes damage to files it encrypts, making them irrecoverable. “So data loss is very common in these cases, even if the ransom is paid.”
But for “the three to five per cent [of cases] in which we can help,” Callow said, “our services are provided at no cost whatsoever.”

The Happy Ending

The Toronto dentist said his clinic didn’t pay to regain its files. They were lucky they followed cybersecurity protocols & had backups in place for their dental clinic. But would he have paid? Underlining the frustration & helplessness that most healthcare clinics like his would face when met with a ransomware demand, especially if not protected –
He said he would pay.
“If someone said to me, ‘Pay $20,000 and you get your files back,’ I’d give them the money,” he said. “Because I need my files.”
The clinic is now taking steps, such as reinforcing firewalls and issuing new computer usage guidelines for staff, he said.
His message for others? Ransomware is a “real issue … and it’s bound to get worse.”
Get secure today!

Reference: Parts of this article is excerpted from a CBC News article.
1. https://www.cbc.ca/

If still in doubt or Need Guidance or Immediate Assistance?

Why don’t you contact us at (+91 733-113-2288), or write to us at (service@friggp2c.com | friggp2c@gmail.com)
Also, check out our services like Vulnerability Assessment, Penetration Testing, Code Review, Testing as a Service, and Risk Management on our website www.friggp2c.com.
We are determined to work with and for you and make your organization one of the safest business organizations for you, your customers, and all prospective clients.

About the Author

Ayan Chatterjee

A tenured business leader with over two decades of experience leading organizations across multiple domains including healthcare. He has seen the impact of security breaches first hand and has become a passionate advocate for security & compliance preparedness in organizations.