Ransomware incidents are increasing in size and number across the United States, forcing shutdowns across varied industries in recent weeks, from a meat processing plant in the Midwest to a pipeline that carries gasoline and jet fuel and serves the Southeast.
The increase and severity of the attacks prompted the Biden administration on June 2 to issue an open letter to business leaders asking them to treat the threat of ransomware attacks with great urgency. The Department of Health and Human Services’ Office for Civil Rights on June 8 shared the White House alerts with specific recommendations from the U.S. Cybersecurity and Infrastructure Security Agency to protect facilities and systems from malware attacks.
CISA also warned of a “critical VMware vulnerability” and asked businesses to patch the vulnerability as soon as it is detected. VMware is cloud computing software, and the vulnerability exists in the VMware VCenter Server and VMware Cloud Foundation.
Although service disruptions at large corporations that support national infrastructure tend to make the news headlines, small businesses, including dental practices, are not immune to malware attacks. Hospitals have become a frequent target, compromising protected health information and even patient safety. Chemotherapy treatments were delayed for patients at the University of Vermont Medical Center last November after the center lost access to medical records following a ransomware attack, for example.
Five best practices from President Joe Biden’s pending executive order to improve the nation’s cybersecurity are intended to “significantly reduce the risk of a successful cyberattack.” The practices are outlined in the White House letter titled “What We Urge You To Do To Protect Against the Threat of Ransomware” and are summarized here:
The OCR shared resources that health care facilities specifically can use for protection from ransomware attacks. They are:
Read the White House letter or the OCR’s fact sheet on ransomware and HIPAA. CDA Practice Support also has resources related to HIPAA safeguards and the responsibilities of a dental practice’s privacy and security officers. Also, learn about The Dentists Insurance Company's Cyber Suite Liability coverage, which can help policyholders respond to a full range of cyber incidents.