The two agencies issued a joint advisory on Feb. 26 detailing ways organizations can help detect and protect their networks from destructive malware. While the advisory said there is "no specific, credible threat to the United States at this time, all organizations should assess and bolster their cybersecurity."
Both agencies recommended the following immediate actions people can take to help strengthen and protect their data, such as:
• Enabling multifactor authentication when there is remote login capability.
• Setting antivirus and antimalware programs to conduct regular scans.
• Enabling strong spam filters to help prevent phishing emails from reaching end users.
• Updating software.
• Filtering network traffic.
The ADA recommends that dental practices protect themselves from cyberattacks by following good internet security practices, such as keeping systems up to date with security patches and making sure antivirus signature files are current. The Association also recommends dental offices have multiple recent backups, and that backups are disconnected (inaccessible) from those systems.
The ADA notes that cyber attackers can gain a foothold inside networks via phishing emails, so this is a good time to remind dental teams and staff about the danger of phishing emails.
The ADA also wants dentists to be aware that scammers may sometimes exploit current events to trick people into sending them money or sensitive information. For example, according to the FBI, scammers leveraged the COVID-19 pandemic to steal personal information and money through phishing scams, such as fake CDC emails and emails with links purporting to enable an individual to donate to a charity online.
The FBI has a webpage devoted to spoofing and phishing filled with tips to help dentists and small business owners protect themselves. The Federal Trade Commission also has several resources available at FTC.gov/cybersecurity. For additional resources, visit CISA's ransomware guidance and resources webpage, the FBI's ransomware webpage and the HHS Office for Civil Rights' Fact Sheet: Ransomware and HIPAA.
The ADA also offers tips on protecting dental practices, including a free online course worth one continuing education credit. Visit ADA.org and type in “ransomware” to access all the Association’s resources.