The US Department of Health and Human Services (HHS) recently warned healthcare providers of a new ransomware threat targeting the healthcare sector, specifically the dental community (reference). In 2022, increased attacks on dentists resulted from rising ransomware threats.
On December 7, 2022, the Health Sector Cybersecurity Coordination Center of HHS released information about a human-operated ransomware threat called Royal. First discovered in 2022, Royal is known for demanding ransoms of $2 million and more.
While Royal has historically mainly targeted dentists, experts warn that the entire healthcare and public health sectors should consider themselves targets. If history teaches us anything, Royal will quickly expand their targets beyond just one healthcare sector. Plus, ransomware gangs have a strong history of targeting the healthcare sector–due in part to big money and the potential for big (negative) impacts. The greater the effect, the more desperate organizations are to resolve the issue; therefore, many gangs believe they are more likely to pay ransoms.
So far, the Royal attacks have stayed within the United States, with their methods remaining consistent as well. In each attack, Royal attackers claim that they have published all of the data they allegedly extracted from the victim.
They also used the following attack strategies: phishing, credential abuse, remote desktop protocol compromises, and compromising exploited vulnerabilities such as VPN servers. In addition to these common tactics, Royal has taken it further by embedding malicious links in Google ads and using an organization’s contact form to bypass email protections.
The American Dental Association (ADA) has provided a list of tips for the dental sector to protect themselves against Royal and other ransomware gang attacks.
With extensive experience in the healthcare industry, PK Tech has current dental sector clients we work with daily. We understand the intricacies that make a dental practice run smoothly, and we have the cybersecurity teams to ensure you can focus on what you do best.
With experience helping clinics maintain HIPAA compliance and prevent ransomware attacks, PK Tech is here to support your dental practice in 2023. Schedule a complimentary 15-minute consultation with a member of our team today.