REvil Ransomware Impacts Hundred of Dental Practices Across US. (Aug 29, 2019)
An unidentified threat group breached the infrastructure of the medical records software “DDS Safe” to deploy ransomware in hundreds of dental offices across the United States. The breach was discovered on August 26, 2019, when dental staff at impacted offices could not access patient information. The software providers, The Digital Dental Record and PerCSoft, appear to have opted to pay the ransom, and have begun to distribute a decypher to dental offices. The variety of ransomware, known as “REvil,” is considered one of the most active and widespread ransomware strains of 2019, according to a Fidelis Security report.
Recommendation: Ransomware is a continually evolving threat. It is paramount to have a comprehensive and tested backup solution in place. In the case of ransomware infection, the affected system must be wiped and reformatted. Other devices on the network should be checked for similar infections. Always check for a decryptor before considering payment; avoid payment at all costs. Ransomware should be reported to law enforcement agencies who are doing their best to track these actors and prevent ransom from being a profitable business for cyber criminals.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.