A Colorado IT company that provides services to 100+ dental offices has suffered a ransomware attack.
Complete Technology Solutions (CTS) has been attacked, and the attackers installed Sodinokibi ransomware on computers at more than 100 dentistry businesses that rely on CTS for IT services, including network security, data backup, and voice-over-IP phone service. CTS declined to pay an initial $700,000 ransom demand for a key to unlock infected systems at all customer locations.
As per the latest update, Complete Technology Solutions is still in denial. The hack was exclusively reported by security researcher Mr. Brian Krebs.
Hood Analysis 101
Dental offices and all medical-related institutions (including their IT service providers) should comply with HIPAA guidelines.
HIPAA, also known as the Health Insurance Portability and Accountability Act, was developed in the US, and its aim is to provide IT security guidelines to medical institutions. Since the IT provider and the impacted dental offices are based in the US, we assume that either CTS was not following the HIPAA guidelines completely or it is not compliant with HIPAA at all.
One more question that needs to be raised here is that the IT provider (Complete Technology Solutions) failed to notify that it was being targeted by a cyber attack.
A few basic steps that can be followed by organizations suffering from ransomware attacks:
- You must have a way to protect against malicious software.
- You must make sure that all of your systems are up-to-date.
- You must have a plan for responding to security incidents.
- You must perform a risk analysis on all critical systems.
We thank Mr. Brian Krebs for his security reporting in this matter.