Ransomware attack affects hundreds of dentist offices in the US
The ransom was reportedly paidBy Shawn Knight
Bottom line: The FBI and many security firms advise victims not to pay ransoms as it encourages attacks and there is no guarantee that they will be provided with a decryption key. The truth of the matter, however, is that paying up is usually the quickest route to returning to business as usual.
A hacking group has managed to infiltrate hundreds of dental practice offices in the US this week and load their systems with ransomware.
As Krebs on Security highlights, PerCSoft is a Wisconsin-based cloud management provider for The Digital Dental Record which operates an online data backup service called DDS Safe. The service archives dental records, charts, insurance information and more for hundreds of dental offices across the country.
Hackers were able to target PerCSoft and lock down files for approximately 400 dental practices nationwide using the Evil (Sodinokibi) ransomware. Multiple sources are reporting that PerCSoft paid the ransom and was supplied with a decryption key which it is actively distributing to affected dental offices to help them recover their files.
Krebs said it is unclear if PerCSoft paid the ransom directly or if the funds were supplied by an insurance provider.
It is in the hackers' best interest to supply decryption keys to paying victims. If they developed a reputation of not supplying keys, people would simply quit paying ransoms and there would be no financial incentive for the hackers to continue.
According to ProPublica, it is often much cheaper to file an insurance claim and pay the deductible than it is to cough up the full cost of a ransom demand. Unfortunately, this encourages hackers to specifically target companies that they know have cyber insurance and the cycle continues.
Masthead credit: dentist office by Sebastian Duda