Further Update on Computer and Data Safety and Ransomware

Following our original post, we have now received further advice from WG, following a request from BDA Wales, which can be found via the following link:

Dental Good Practice Guide – How to Avoid Malicious Software

On September 26, 2016, posted in: Latest News by

Computer and Data Safety and Ransomware

One of our LDC members reported the following in relation to Computer and Data Safety:

I own a dental practice in South Wales and we recently had a computer problem which left us very exposed and we potentially could have lost all our data for 10 years! I thought if I shared my story with my colleagues it may prevent other practices going through the same ordeal that we are still going through.

Firstly a small background to our practice; we have been fully computerised using software from a reputable dental software supplier for 10 years and had digital radiographs for 7 years. We employ the services of a local computer firm for all our computer hardware and software and they usually deal directly with our supplier on our behalf to organise our back up and virus protection.

I never really got too involved, we have had all new computers and server in the last 3 years, to my basic understanding we had 2 hard drives in the server and one backs up to the other every night. Then twice a week we back up onto a removable hard drive and we have 2 of these that are swapped and the one that is not being used is stored offsite. We have Norton antivirus software and 2 firewalls (whatever they are!).

Four weeks ago we turned the computers on a Monday morning and everything we tried to open requested a password! We phoned our supplier – they couldn’t do anything because they couldn’t log in so we called our computer firm out. It took a few hours to discover that we had been the victims of a ransom virus and that the criminals wanted 3000 USD to give us the password! They had also deleted and encrypted all hard drives and memory storage devices that were on the server including the external hard drive back up.

For the more technically minded of you the virus wasn’t a virus but a malware and these are often not detected by even the best antivirus programs. It was obviously not detected by Norton, neither did Kaspersky antivirus detect it but it was finally identified by Malwarebytes.

We do not know how the infection happened, or when it happened, it is likely that someone opened an email attachment, or clicked on a false link on a webpage.

When I spoke subsequently with our software supplier they informed me that lots of practices had been hit, I asked if anyone paid the ransom and they said that some had and they had nothing back, some had paid and it had worked but they had been re-targeted a month later demanding more money. They informed me that some practices had lost all their data!

Fortunately for us our second external back up had not been backing up properly for 6 weeks so had not been infected. This still left us with losing 6 weeks’ worth of everything but wasn’t as catastrophic as losing 10 years’ worth of data! However our appointment book was booked up about 8 weeks in advance and a lot of patients book their recall and hygienist appointments 6 months in advance and all of these appointments have been lost, so on a daily basis we don’t know who is going to walk in through the door, which dentist they are expecting to see, and what happened at their last appointment and so what they are expecting to have done and on which tooth! We are fortunate that the x-rays weren’t affected so these are safe. Needless to say our UDA target/figures are all messed up and we will have lost a lot of UDAs because we don’t know who was in on the days that we lost from the last transmission date.

We had to notify the police, the Information Commissioner’s Office and the LHB.

What I have learnt – don’t assume that you are safe! Your computers are at risk from a lot more than burglaries and fire! Ensure that you have many backups in various places, internal hard drives, external hard drives and cloud backups, and that you have a longer term backup so that you don’t risk losing everything! Also antivirus and anti malware is a minimal requirement, and preferably have your server separate – so that no one can use it to open emails, go on the internet etc.

I still look blank when computer people talk computer at me, and no matter how hard I try to get them to explain and talk English to me they still seem to talk computer – but I’m trying!
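The account above turns on a backup that had silently stopped running for six weeks without anyone noticing. As an added example (not part of the member's account; the manifest file name and the function names are assumptions), this Python script records a hash of every file after a backup run and later reports a drive that is stale, incomplete or altered:

```python
import hashlib
import json
import os
import time

MANIFEST = "manifest.json"  # hypothetical name, written next to the backed-up files

def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def write_manifest(backup_root):
    """Run straight after each backup job: record a hash for every file copied."""
    files = {}
    for dirpath, _dirs, names in os.walk(backup_root):
        for name in names:
            full = os.path.join(dirpath, name)
            if name != MANIFEST:
                files[os.path.relpath(full, backup_root)] = sha256_of(full)
    with open(os.path.join(backup_root, MANIFEST), "w") as fh:
        json.dump({"created": time.time(), "files": files}, fh)
    return len(files)

def check_backup(backup_root, max_age_days, now=None):
    """Return a list of problems; an empty list means this drive is restorable."""
    now = time.time() if now is None else now
    try:
        with open(os.path.join(backup_root, MANIFEST)) as fh:
            manifest = json.load(fh)
        created, files = manifest["created"], manifest["files"]
    except (OSError, ValueError, KeyError, TypeError):
        # Drive not mounted, job never ran, or the manifest itself was overwritten.
        return ["manifest missing or unreadable"]
    problems = []
    age_days = (now - created) / 86400
    if age_days > max_age_days:
        problems.append(f"stale: last good backup was {age_days:.0f} days ago")
    for rel, expected in files.items():
        full = os.path.join(backup_root, rel)
        if not os.path.isfile(full):
            problems.append(f"missing: {rel}")
        elif sha256_of(full) != expected:
            problems.append(f"changed since backup: {rel}")
    return problems
```

Run `check_backup` on each rotated drive when it is swapped, and keep a second copy of the manifest somewhere the server cannot write to.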

__________________________________________________________________

Having heard this another LDC member has made some suggestions as follows:

Viruses and Ransomware

CryptoWall Ransomware is distributed sometimes as a fake update for applications such as Adobe Reader, Flash Player or the Java Runtime Environment. These types of updates may be offered in pop-up windows when you visit unsafe websites or when a “Potentially Unwanted Program” is installed on your computer. To be safe only ever install from the main website.

Ransomware is typically delivered via spam email opportunistically and the typical overall themes are shipping notices from delivery companies, tax refunds etc.

These use the “ability” of Windows to hide common file extensions. No one would open an exe file attached to an email like invoice.exe but if the name is changed to invoice.pdf.exe and the extension is hidden it looks like a “safe” pdf file.

It is a good idea to change the default behaviour to show the file extension. In Windows 7:

  • Click the Start menu. …
  • Type “folder options” (without the quotes). …
  • A dialog box with the title “Folder Options” will appear. …
  • View tab: click to uncheck the box for “Hide extensions for known file types”.
  • Click the “OK” button at the bottom of the dialog box.
  • Any files now arriving as email attachments will now show if they are .exe.

Other advice includes storing several backups in an offline environment because many ransomware variants will try to encrypt data on connected network shared drives and connected removable drives. In order to be effective, a backup must be “serialised”, with older versions of files available in case newer versions have been corrupted or encrypted; however, the latest Locker can lie dormant on your system for many weeks or months, infecting every backup. Multiple removable drives or USB sticks that are rotated in their use are obviously better.

Usual anti-virus programmes do not recognise the exe files as a virus as technically they are not a virus as they do not replicate themselves and are just an executable encryption programme. Malwarebytes can detect them but be careful where you download this from as it often comes bundled with advert pop-ups. There is a free trial version which is clear and simple to use.

Once the backups are done and stored securely, checking that the backups are working and that you can recover from them on a scheduled basis is sensible.

One suggested prevention is to have a simple stand alone computer (running Linux?) with its own printer to be used for all day to day practice e-mails and internet browsing, not on the network.

The practice server and networked workstations only ever connect (perhaps via a separate line and modem-router) to transmit forms or allow online support, nothing else, no staff using the internet at lunchtime.

Finally asking all contacts to only send documents as links to their websites or as e-mails with NO attachments would also reduce the chance of accidentally running a suspect attachment.
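The hidden-extension trick described above (invoice.pdf.exe shown as invoice.pdf) can also be caught before a message reaches staff. As an added example, not part of the member's suggestions, this Python script parses an e-mail and reports attachments whose real extension is executable; the extension shortlists, the function names and the sample message are constructed assumptions:

```python
import os
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Constructed shortlists, not exhaustive: types Windows runs on double-click,
# and types a reader takes to be a harmless document.
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DOCUMENT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def classify(filename):
    """Judge by the last extension only, which is the one Windows acts on."""
    stem, ext = os.path.splitext(filename.strip().lower())
    if ext not in EXECUTABLE:
        return "ok"
    inner = os.path.splitext(stem)[1]
    return "disguised-executable" if inner in DOCUMENT else "executable"

def displayed_as(filename):
    """Name shown while 'Hide extensions for known file types' is ticked."""
    return os.path.splitext(filename)[0]

def scan_message(raw_bytes):
    """Return (real name, displayed name, verdict) for each risky attachment."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        verdict = classify(name)
        if verdict != "ok":
            findings.append((name, displayed_as(name), verdict))
    return findings

def sample_message():
    """Constructed e-mail; the attachments hold harmless placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = "Your delivery notice"
    msg.set_content("Please see the attached invoice.")
    for name in ("invoice.pdf.exe", "leaflet.pdf", "setup.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for real, shown, verdict in scan_message(sample_message()):
        print(f"{verdict}: {real} (appears as {shown})")
```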

 

On July 23, 2016, posted in: Latest News by

Patient Safety Notice from Welsh Government – Risk of Interaction between Miconazole and Coumarin Anticoagulants

The Welsh Government has published a Patient Safety Notice on the Risk of Patient Harm from an Interaction between Miconazole and Coumarin Anticoagulants.  It can be accessed through this link.

On May 10, 2016, posted in: Latest News by

LDC Connections April 2016

The latest version of the BDA publication LDC Connections is available at LDC Connections April 2016

On May 10, 2016, posted in: Latest News by

Dental Postgraduate Department and Public Health Wales – Smoking Cessation Audit

To assist dental teams to integrate smoking cessation into routine dental practice, a funded audit has been designed by Postgraduate Dental Education, Wales Deanery with Public Health Wales. Full details can be found through this link:

https://dental.walesdeanery.org/practice-quality-improvement/national-audit-projects/integrating-smoking-cessation

 

On February 16, 2016, posted in: Latest News by

GDPC Meeting 28th January 2016

Tom Bysouth, GDPC Representative for South West Wales has posted his report on the GDPC Meeting held on 28th January 2016 at the BDA Headquarters, Wimpole Street.  It can be found here.

On February 16, 2016, posted in: Latest News by

LDC Connections January 2016

The Winter edition of LDC Connections contains items on the following:

GDPC Meeting
LDC Conference and Unsung Hero Awards
LDC levies
CRUK/BDA/RCGP Oral cancer recognition toolkit
Future of dental regulation report
GDC Corporate Strategy 2016-2019
CQC Update
Information Governance Toolkit Update
British Dental Conference & Exhibition
BDA Careers Day
Industrial Action

It can be accessed through this link.

On January 30, 2016, posted in: Latest News by

Consultation on Wales Private Dentistry Regulations 2016

The link below is to the public consultation exercise on the draft Private Dentistry Regulations 2016.  The consultation runs from 29 January 2016 until 22 April 2016.
On January 30, 2016, posted in: Latest News by

Wales Dental Digest 10th Edition – Winter 2015

The CDO’s latest edition (Winter 2015) of the popular and informative Welsh Dental Digest can be accessed through this link.

It contains information on frequency of topical fluoride applications in children,  new guidance on the delivery of orthodontic services in Wales,  information about access to NHS dental practices, information about management of dental patients taking anticoagulants or antiplatelet drugs, new GDC rules regarding indemnity and much more useful information for colleagues.

 

On December 23, 2015, posted in: Latest News by

Funding for Clinical Audit in Wales

Dr Ewart Johnstone, Revalidation Tutor at the Wales Deanery and Local Audit Tutor for the ABMUHB area has written advice for colleagues on Audit which can be accessed and funded through the Deanery.  This can be found through this link.

On October 21, 2015, posted in: Latest News by