3rd Party Programs: Are They Cybersecurity Weakpoints?
Almost 400 dental offices were infected with ransomware in a cyberattack this August. The computers became infected after DDS Safe, a 3rd party cloud backup software that all the affected offices were using, was compromised. The software was developed by Dental Technology Company PerCSoft.
Affected offices had their computer files encrypted behind ransomwalls. On August 26th, the Wisconsin Dental Association noted that the 400 offices were unable to access their client files due to the attack.
A ransomware attack typically locks files behind walls, demanding ransoms to be paid for its safe release.
A few days after the incident, PerCSoft began distributing decryption keys on its Facebook page. They did not state whether ransom was paid to the attackers, nor did they releaseĀ details on how they acquired the keys. A few of the dental offices that used the keys noted that only some of the lost data was unlocked.
As with other malware categories, there are many strains of ransomware. It is believed that the strain responsible for this attack was Sodinokibi, also known as REvil or Sodin. This particular type of ransomware was first discovered by cybersecurity research group Cisco Talos in April 2019.
This is not the first incident caused by Sodinokibi. On August 16th, 22 local Texan governments were hit simultaneously by the first highly co-ordinated ransomware attack. It is believed that Sodinokibi was also responsible for that attack.
How can you defend your data from 3rd party compromise cyberattacks?
As shown by DDS Safe, a software specifically engineered to keep off-site backups of sensitive data, keeping online backups is not enough to be an air-tight protection against ransomware. Instead, it is important to keep sensitive data in an offline storage location that is completely disconnected from the internet. If an up-to-date backup of critical data is always available, ransom demands can be ignored without consequence.
Second, it is important to keep all software and your operating system up-to-date. Cyberattackers and cybersecurity engineers are constantly battling to discover and patch new vulnerabilities. Oftentimes, publicly-known and fixed bugs are the cause of infection due to victims neglecting to update their software.
Finally, practicing network segmentation can help your protect computers by preventing the spread of malware across your network. By keeping important computers disconnected, malware with worm capabilities will not be able to access them if other PCs are infected.
GIGE Corporationsā IT technicians have years of designing and deploying cybersecurity measures to help protect companies from cyberattack. You can get a consultation today by e-mailing info@gige.ca or calling us at 888 366 4443.