It’s a sunny Sunday afternoon. You’re at a friend’s BBQ enjoying the last day of a nice relaxing weekend over a couple of beers. Meanwhile at your practice, your remote access along with all of your practice management systems, x-rays and documentation are being hacked and encrypted.

You have a backup, right?

Wrong.

The hackers are destroying that too.

And soon you’ll be asked to pay a huge ransom to get your data back - but that’s if the hackers deliver on their promise at all.

Sadly, this happens more often than you think.

If the above scenario seemed a little far-fetched, here’s a real story that I’ll hopefully never have to tell again…

Dental practice exposed by lazy IT firm (and held ransom by hackers)

We were called in by the practice principal of a well-established practice. He was beside himself. It soon became clear why. His previous IT company hadn’t backed up their systems for over six months. Apparently, they didn’t foresee a potential hacker threat for this practice.

Furthermore, his remote access was not set up in a secure way, giving hackers an open door to walk right through, straight into his IT network.

Once inside, they had full access to the network and began removing the antivirus and other security software so that their payload could be delivered swiftly.

The goal?

Hold their system hostage until a big fat payment is made.

I advised the practice of their options:

  1. Ditch the last six months of their data – worst case scenario
  2. Pay for data recovery – not ideal
  3. Pay the hacker’s ransom – I don't negotiate with criminals

After a quick Google search, I discovered this particular group of hackers were taking the ransom and not delivering unencrypted files.

We decided to pay for data recovery, but that's when the real trouble began

After sending off the backup drive and the drive from the server to our data recovery specialist, he quickly told us the bad news. It was going to take a lot of time and money to recover the data.

Meanwhile, we decided to restore the six-month-old viable backup and keep paper records. This would allow the practice to hop along even if they didn’t know who was going to be walking through the doors for the next week or so.

This presented its own challenge. The viable backup, which had all the data intact, wouldn't boot, delaying the process by another day and leaving the practice without any computers for two whole business days. Can you imagine?

After two weeks of painstaking work, the data recovery team failed to get the data back and called it quits

This is one of the most heartbreaking cases which I have had to work on during my career in technology.

Not only due to the respect that I have for this particular practice principal, but also because there was no good outcome for my client. Many sleepless nights and in excess of 100 hours of my time lost to a challenge that could not be overcome.

The practice lost over six months of data and for a further six months, they had no idea who was coming to their practice, who had been, what treatment had been given or how much they owed for treatments in progress.

All of this could have been avoided with proper data protection systems and a proactive approach to IT.

Here are 4 things you must ask your IT provider right now before it's too late

    1. How are your backups stored? If it is a set-and-forget system to a box in your practice, start to worry. You need to know how your backups are kept and how they are secured against ransom attacks. If you are not swapping out your drives daily then make sure it is done immediately.
    2. What ransomware countermeasures are in place? I cannot stress this enough: you need more than one layer of protection on every PC on your network.
    3. How is the remote access set up and secured? We have seen TeamViewer compromised as well as remote desktop. What remote access software is your IT provider using to access your computers remotely?
    4. How often are your backups tested? It may seem like a redundant question but there are a lot of practices that do not regularly check their backups are working - a simple successful email notification is not enough.

If you are not satisfied with the answers to these questions from your IT provider, then please do not hesitate to contact Teamwork Technology.

If you are not based in NSW, the team are more than happy to refer you to one of their premium partner companies. Teamwork Technology never want to witness another practice facing the heartache, stress, financial and reputational damage caused by a mismanaged IT system.


If you are looking to understand more about Teamwork Technology, do not hesitate to get in touch with a member of our team today or call 1300 27 33 22. You can also reach out directly to Teamwork Technology to learn more - phone 1300 456 901 or visit https://www.teamworktech.com.au/.