Data breaches can happen to any person, business Cybersecurity expert offers best practices for protection
G
ary Salman, CEO and co-founder of Black Talon Security, has a warn- ing for dental workplaces. “Many
practices still harbor a broken mindset, meaning they believe they are immune to breaches, thinking that it won’t happen to them,” he said. Salman’s New York-based cybersecurity firm has experience helping dental practices be mindful of expanding threats. In 2019, he helped some of the prac- tices affected by a ransomware attack that impacted about 100 dental practices, leaving them without access to their patient records, schedules and more. Salman also lectures across the country, providing tips on how to avoid data breaches. He answered questions from the ADA News on what causes data breaches and how it relates to practitioners.
ADA News: What are typical causes of data breaches? Salman: There are two primary causes of data breaches. The first attack methodol- ogy utilizes social engineering scams, such as phishing, spear phishing, SMSishing [done via text or instant messaging apps] and Vishing [using phone calls and voice- mail]. These attacks typically result in users surrendering their credentials, such as usernames and passwords, or downloading malicious payloads that deploy ransom- ware and steal patient data. The second attack methodology involves detecting and exploiting vulnerabilities in devices such as firewalls, servers, workstations and smart devices. Hackers scan these devices without the practice’s permission, identify flaws in software and hardware and use tools to gain access to the device and its data. Once they have infiltrated the network, they spend days or weeks exfiltrating most or all of the patient data and gain access to other systems that the practice uses.
ADA News: Are there obvious signs that a cybersecurity incident has occurred? What should dentists be on the lookout for? Salman: Arriving at their office on a Monday morning, employees may find that comput- ers either won’t turn on, display a skull and
crossbones on the monitor or see a ransom note indicating a ransomware attack. Other signs include servers being down, worksta- tions malfunctioning, encrypted files on the desktop, inability to open files and the possibility of receiving phone calls from the hackers.
tools to preemptively detect malicious emails are critical measures.
ADA News: What are practical ways dental offices can prevent data breaches from hap- pening? Salman: In addition to collaborating with their IT resources, practices should engage a dedicated cybersecurity company that works hand in hand with IT to ensure ad- herence to all best practices. It’s also crucial that all doctors and staff complete cyberse- curity awareness training, a key component of compliance with HIPAA, and undergo a security risk assessment to determine if changes are needed in their current data security policies and procedures. Real-time vulnerability scanning of computers to de- tect hardware and software vulnerabilities is essential. Daily scanning of firewalls to identify vulnerabilities, misconfigurations or open ports is necessary. Employing an ethical hacker to test the configuration and resilience of the firewall and using AI-based antivirus software to reduce ransomware risks are important steps. Maintaining clear visibility into all devices that pose a risk to the practice enables doctors to make informed, risk-based decisions. Implement- ing multi-factor authentication on bank- ing, human resource systems, finance and electronic health record systems, using a domain-specific email address instead of a free Gmail or AOL account and deploying artificial intelligence-based email security
ADA News: In the last few years, are hackers getting more sophisticated in their methods? Salman: Very much so. We have observed a significant increase in payroll fraud, wire fraud, email compromise and third-party breaches that subsequently impact the prac- tice, patient care and reputation, among other issues. Criminals are leveraging AI- based technology to create malicious code, a technique that no longer necessitates ad- vanced coding skills from hackers. They are also utilizing technologies such as ChatGPT to craft highly convincing spear phishing emails. An example [might include] a fake referral letter that directs the recipient to a malicious link under the guise of download- ing X-rays.
ADA News: What should dentists do if they fear that a data breach has happened? Salman: Immediately disconnect the network from the Internet to sever the hackers’ access. Encourage anyone who witnessed anything unusual or possesses relevant information to create a timeline and document their observations. This documentation may include screenshots of ransom notes and detailed accounts of events as they recall them. Contact the cyber insurance provider without delay. Do not erase or delete any data on the system. Maintain confidentiality about the incident to prevent public knowledge of the poten- tial cyber event. Engage a cybersecurity firm to conduct forensic analysis and assist with network recovery. Inadequate management of a cyber event can lead to severe legal and compliance repercussions. It is important to note that most IT companies prioritize re- storing operations and may not fully grasp the legal implications of the breach.
Editor’s Note: This article first appeared in the ADA News, March 11, 2024 and is reprinted with permission. The article is intended for information about the broader perspective on dentistry, regardless of its alignment with the ADA’s stance. Publication of this article does not imply the ADA’s endorsement, agreement or promotion of its content.
ISSUE 1 | SPRING 2024 | focus 9
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32
