New Year, Same Threats

©~ Bitter ~/ stock.adobe.com

We have now entered a new year, and I hope many of you took me up on my suggestions for resolutions in the previous issue. Although I’m sure many of you are hoping that the cyberattacks on dental offices will let up this year, the data say otherwise: 2021 was the worst year ever for ransomware attacks and insurance claims. Many insurance carriers have stopped providing cyber liability coverage as the risk greatly outweighs the rewards.

One of the things I have been preaching for years, which I will be reviewing in this article, is that you need to take a stacked or layered approach to dealing with malware. The days of just slapping some free antivirus software on your computers, or worse, just using Microsoft Defender, the company’s built-in malware protection, are long gone. The issue is that many of the newest viruses are what we call “zero-day:” in a nutshell, so new that your antivirus software doesn’t even recognize them as viruses.

Because of this, I recommend a 3-layered approach to protection:

1. You must invest in a business-class firewall. Some may ask, What is a firewall? It is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the internet. A firewall can be hardware, software, or both. When I say business class, I mean one that isn’t designed for the home. Stay away from ones such as Linksys, D-Link, and Netgear; instead, look at models from Sophos or SonicWall.

2. You must have antimalware software protection in place. It starts with decent antivirus software. The basic rule of thumb is, if it’s free, it’s not the best option. Ones that I have recommended in the past include ESET, Trend Micro, and Bitdefender products. Even though many of these programs will claim that they also work really well against ransomware, that hasn’t been my experience. So for all our clients, we always recommend supplementing the general antivirus software with anti-ransomware-specific software. The 2 best-known examples of this are Intercept X and HitmanPro; both are sold by the same company (Sophos) and either is an excellent choice for dental offices.

3. The final piece is something I talked about in an article last year called application whitelisting. All viruses, including ransomware, are just small programs: They are a series of instructions that get executed in a specific order. Application whitelisting works by running the software on your presumably uninfected computers for a week or 2. During that time, the software takes inventory of every program that is running, including your practice management software, image software, third-party programs…you get the idea. All those programs are added to the approved list of programs that are allowed to run. After a week or so, the switch on the software is flipped from learning mode to what’s called “deny all” mode: If any program that isn’t on that approved list tries to run, it gets stopped immediately; the software will deny that and any other software from running unless they are on the list.

Offices that wish to truly protect their most valuable asset (patient data) must consider multiple levels of protection to be as secure as possible.