DDS Safe, which is an online cloud-based data backup system that is used by the hundreds of dental practice offices across the United States and using to safeguard medical records and other information of their patients from ransomware attacks that have been hit with ransomware. Provided by two Wisconsin-based companies, namely, Digital Dental Record and PerCSoft, the backend system of affected medical records retention and backup solutions has probably been hit by the Sodinokibi ransomware, also known as Sodin or REvil malware. Though it is not yet clear how the attackers had managed to compromise the company’s infrastructure, the latest ransomware attack is yet another example of the successful supply chain attack, crippling the computer systems in 400 dental practice offices around the United States current week.
As per the statements that have been released by both the companies, the ransomware virus hit a remote data management software on Monday, 26th of August, that DDS Safe uses to back up its client data and encrypted files of hundreds of the dental practice customers relying on the backup solution. The ransomware attack had some serious effects on some dental offices, with one McFarland dentist quoted by CNN as saying:
Ransomware virus typically and in usual cases encrypts all the files on the targeted computers and then demands a ransom (usually in Bitcoins) in exchange for the decryptor from the attacker that helps the victims regain access to their important or crucial files. At the time of writing, the company has claimed to have a decryptor that they are using to help the affected customers decrypt their files at a good rate of succession.
Nevertheless, the official statements from the companies have not yet particularly mentioned how they got their hands on the ransomware decryption software, suggesting that the unknown amount of ransom has been paid to the cybercriminals. Meanwhile, the companies said that they are actively working with the Federal Bureau of Investigation’s Cyber Crime Unit to thoroughly investigate the incident, adding to that they have been in touch with most of the affected customers, describing them as the only small percentage of the affected practices.
This year has seen a steep in ransomware attacks against the public infrastructure and government institutions, from where the cybercriminals seek successful returns as most of the times the targeted organizations content is vital to the public interest. Earlier this year, the ransomware has crippled the computer system infrastructure of multiple states in the United States, including Florida, Baltimore, and Texas. In March, ransomware also hit Norsk Hydro and forcing the Aluminum giant to shut down several plants and switch to manual operations. Just in the last week, some residents of South Africa financial capital, Johannesburg were left without electricity after the city’s power company got attacked by a ransomware virus.
Source: The Hacker News
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.