Ransomware Threat Escalates

By Randall Smith, BRS Dental Vice President, Systems Support

We have seen an increasing incidence of “ransomware” threats, both from client experience, and from published accounts.  “Ransomware” is a category of malware that encrypts files, and demands payment for a key allowing decryption of the files.  This type of ransomware, sometimes referred to as “Cryptoware”, originates with criminals that send malicious spam emails, or attach malware to websites.  In prior versions, the recipient typically had to do something, such as open an email attachment, or follow a link to a malicious website.  The latest version, called CryptoWall 2.0, adds a more dangerous component by “poisoning” advertisements on websites, including some popular and mainstream sites.  If a computer is not running the latest versions of software, or has browser settings to automatically “play” content, the ransomware could run without any warning.  Once criminals encrypt files, the options are to pay the ransom for the decryption key, or remove the ransomware, and (hopefully) restore the affected files from a backup.  In most cases, antivirus and security software cannot restore encrypted files.

How can you avoid being attacked by criminal ransomware?  Certainly, do NOT follow links or open attachments from unknown emails.  However, that alone is not enough, as mainstream websites may serve up poisoned ads.  BRS recommends making sure all software is patched and up to date, as that can help avoid malware targeting unpatched systems.  If add-ons like Adobe Flash are not absolutely needed, uninstall.  If Flash is needed, make sure your browser settings don’t allow automatic running of Flash, but rather prompt you to take an action.  Many of our dental practice management software clients have local IT computer and network support companies – discuss this specific threat with them, and see what can be done to minimize the risk.

Here are some resources if you would like to learn more about this threat: Overview   &   TechRepublic In-depth Technical Details (unless you are an IT expert, consult with your computer support vendor before making any system changes.)