The U.S. Department of Health and Human Services' Health Sector Cybersecurity Coordination Center recently warned of a new human-operated ransomware targeting the healthcare industry.
Here are eight things for dentists to know:
- The ransomware, Royal, was first seen in September 2022 but has increased in appearance, according to a Dec. 7 HHS notice.
- Royal has demanded ransoms of more than $2 million, the American Dental Association said Dec. 28.
- HHS noted that the ransomware should be considered a threat to the healthcare and public health sector.
- The ransomware is a 64-bit executable written in C++ that targets windowing systems.
- The department said Royal appears to be a private group with a financial motivation that claims to also perform double-extortion attacks, in which sensitive data is exfiltrated.
- In addition to using frequently used attack methods such as phishing, remote desktop protocol compromises and credential abuse, Royal also uses new techniques, including embedding malicious links in Google ads, using an organization's contact forum to bypass email protections and placing malicious installer files on legitimate-looking software sites.
- Ransom notes appear in a README.TXT file with links to a private negotiation page.
- The American Dental Association offered several ways for dental practices to protect themselves from attacks here. Tips include training staff on basic data security and backing up data regularly.