Ransomware Simplified?

***

By Darrell K. Pruitt DDS

***

***

“We’re now truly in the era of ransomware as pure extortion without the encryption –
Why screw around with cryptography and keys when just stealing the info is good enough”

Jessica Lyons Hardcastle

{The Register, June 25, 2022]

READ: https://www.theregister.com/2022/06/25/ransomware_gangs_extortion_feature/

***

***

COMMENTS APPRECIATED

Thank You

***

***

The RETURN of Paper Dental Records?

By Darrell Pruitt DDS

***

***

More reasons to stick with paper if you haven’t yet become paperless, Doc 

“Paying Ransomware Paints Bigger Bullseye on Target’s Back – Ransomware attackers often strike targets twice, regardless of whether the ransom was paid. Paying ransomware attackers doesn’t pay off and often paints a bigger target on a victim’s back. Eighty percent of ransomware victims that paid their attackers were hit a second time by the malware scourge.” – Threatpost, June 8, 2022.

A dentist can avoid the second ransomware attack by returning to paper … What? Yeah. I said it.

“New ransomware numbers come from a Cybereason’s April ransomware survey of 1,456 cybersecurity professionals. According to the gated report (registration required), victims that were successfully extorted were not only targeted a second time, but frequently data encrypted by criminals later became unusable during the decryption process because of corruption issues.”

OR – one can retire!

***

***

COMMENTS APPRECIATED

Thank You

***

***

***

DENTISTS: Don’t Write Many Prescriptions / Ransomware and Cyber News

A Personal Op-Ed Perspective

***

pruitt

By Darrell Pruitt DDS

***

Dentists simply don’t write that many prescriptions.

Henry Schein employees are not defending Stanley Bergman’s venture into e-prescription software. That is because they know it stinks. Digital prescriptions not only endanger patients and dental practices, but they offer no tangible benefits over paper. None!

Digital only increases the profits for Stanley Bergman and pharmaceutical interests – who eliminate data entry personnel from their payroll.

“First do no harm”

Ancient Greek physician Hippocrates.

EDITOR’S NOTE: We welcome back the op-eds of colleague Dr. Pruitt and trust he remains well in 2022.

***

Ransomware and Dentistry – Recent News

“Why Healthcare Will Remain a Top Cyberattack Target in 2022 – one of the main reasons criminals are interested in healthcare data is that it contains a lot of details, such as date of birth, Social Security numbers – the active ingredients for identity theft. You can get those data points from any number of places, but healthcare organizations are the richest sources.” Healthcare Info Security, December 28, 2021.https://www.govinfosecurity.com/interviews/healthcare-will-remain-top-cyberattack-target-in-2022-i-4999

“Ransomware in 2022: You May Be Screwed, but Without Insurance It Could Always Be Worse – A commentator recently summed up the risk of ransomware attack in 2022: ‘we’re all screwed.’ True enough. But that’s all the more reason to prepare right now. After all, the only thing worse than a ransomware attack is not having adequate insurance coverage when it occurs. The time to prepare is now.” National Law Review, Wednesday, January 5, 2022.
https://www.natlawreview.com/article/ransomware-2022-you-may-be-screwed-without-insurance-it-could-always-be-worse

“Insurers run from ransomware cover as losses mount” Summary:
– Lloyd’s of London discourages cyber expansion-sources
– Ransomware as profitable as Colombian cocaine cartels
– Some insurers asking policyholders to pay half of ransoms
– Attackers change strategy from scattergun to focused.Reuters, November 19, 2021.
https://www.reuters.com/markets/europe/insurers-run-ransomware-cover-losses-mount-2021-11-19/

Yep.  We’re all screwed. Well, not all of us.

 Paper remains the best deterrent to ransomware. 

COMMENTS APPRECIATED.

Subscribe to the Medical Executive-Post

Thank You

***

***

***

Can electronic dental records survive the ransomware cure?

***

By Darrell K. Pruitt DDS


Compared to hospitals, the business of dentistry is as simple as a lemonade stand. Dental practice management software is an option – not a necessity.

Thank goodness.

***

Do Dentists Need To Comply With HIPAA?

***


“Cyber Daily: Congress Inches Toward Response to Ransomware Attacks – U.S. legislators in the House and Senate have several bills in play that would put new requirements on companies [including dental offices] to report cyber incidents, including details about ransomware payments.”

WSJ.com, Oct. 11, 2021.
https://www.wsj.com/articles/cyber-daily-congress-inches-toward-response-to-ransomware-attacks-11633974966

As transparency makes it increasingly difficult for dentists to hide ransomware breaches from their patients by quietly paying the ransom (one or more times), paper dental records remain the gold standard of security. Practice management software is not only more expensive than paper records, but it vastly increases patients’ risk of identity theft while offering them NO TANGIBLE BENEFITS… Just ask anyone.

***

YOUR COMMENTS ARE APPRECIATED.

Thank You

***

RISK MANAGEMENT: https://www.routledge.com/Risk-Management-Liability-Insurance-and-Asset-Protection-Strategies-for/Marcinko-Hetico/p/book/9781498725989

***

Recent EHR News

Join Our Mailing List

1-darrellpruitt

Recent EHR News

By Darrell K. Pruitt DDS

“Cerber ransomware decryption tool was available for 1 day before hackers rendered it useless – The authors of Cerber fixed the flaw in the ransomware’s code that made decryption possible.” By India Ashok for International Business Times, August 18, 2016.

http://www.ibtimes.co.uk/cerber-ransomware-decryption-tool-was-available-1-day-before-hackers-rendered-it-useless-1576662

“HIPAA Breach Case Results in Record $5.5 Million Penalty.” By Aldrin Brown for MSP Mentor, August 18, 2016.

http://mspmentor.net/msp-mentor/hipaa-breach-case-results-record-55-million-penalty

“HIT Costs Rose 40% Per Physician Since 2009.” By Christine Kern, contributing writer, Health IT Outcomes, August 19, 2016.

http://www.healthitoutcomes.com/doc/hit-costs-rose-per-physician-since-0001

Kern:  “Healthcare organizations are facing serious financial challenges as they are forced to convert their practices and patient records to digital formats.”

“Office for Civil Rights to Increase Investigations of Smaller HIPAA Breaches.” By National Law Review, August 19, 2016

http://www.natlawreview.com/article/office-civil-rights-to-increase-investigations-smaller-hipaa-breaches

NLR:  “HHS Office for Civil Rights will cast a wider net and increase its investigations into smaller HIPAA privacy breaches starting this month. OCR announced a new initiative to increase its efforts examining breaches that affect fewer than 500 individuals. OCR Regional Offices already investigate every reported breach affecting 500 or more individuals, and will continue to do so, but now they will intensify efforts to scrutinize smaller breaches.”

“2016 is the year to Go Paperless’ – Stop putting it off, going paperless can save you tens of thousands of dollars.” By Larry Emmott for Emmott on Technology, August 19, 2016.

http://emmottontechnology.com/

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

Are Paper MRs Safer than EMRs?

Join Our Mailing List 

Paper is Safer!

1-darrellpruitt[By Darrell K. Puitt DDS]

“Ransomware Attacks Can’t Hide from HIPAA Anymore – Hospital and health system executives are on notice: Come clean about ransomware attacks as early as possible or be prepared to face sanctions.”

By Scott Mace, for HealthLeaders Media, July 19, 2016.

http://www.healthleadersmedia.com/technology/ransomware-attacks-cant-hide-hipaa-anymore#

Dean Sittig, a clinical informatics professor at University of Texas Health Science Center and the Houston UT-Memorial Hermann Center for Health Care Quality and Safety, tells HealthLeaders,

The new HHS guidance is going to really ratchet up people’s attention, because now you’re also talking about big fines from the government, as well as the effects of the ransomware.”

***

ext

***

Show Me the Money?

“Survey: Nearly Three Quarters of Physicians Say They Haven’t Seen ROI From Electronic Records.”

By Matt Goodman: [Dallas/Fort Worth Healthcare Daily, July 21, 2016]

http://healthcare.dmagazine.com/2016/07/21/survey-nearly-three-quarters-of-physicians-say-they-havent-seen-roi-from-electronic-records/

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Product Details

http://www.BusinessofMedicalPractice.com

***

PHI RansomWare Just Went Up!

Join Our Mailing List

1-darrellpruitt

[By Darrell K. Pruitt DDS]

Expect malware entrepreneurs to charge what the market will bear, again and again.

“OCR Releases Guidance on Ransomware: ‘Your Money or Your PHI’”. By Dianne J. Bourque for The National Law Review,” July 12, 2016

http://www.natlawreview.com/article/ocr-releases-guidance-ransomware-your-money-or-your-phi

Bourque: “A key component of the guidance provides a ransomware attack that encrypts a Covered Entity’s ePHI is presumed to be a breach. As ransomware can infect a Covered Entity’s entire system, this presumption may lead to enormous breach notification obligations.”

Bourque adds: “OCR indicates that when ePHI is encrypted as a result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals took possession of the information) and is thus a ‘disclosure’ not permitted under the HIPAA Privacy Rule has occurred.”

When patients are notified of data breaches – for any reason – many will quietly change providers. According to The Ponemon Institute, loss of future income is the most costly result of lawfully reporting data breaches…. and ransomware attacks are at “epidemic” levels. I have heard dentists are paying the ransom quickly.

The disincentives to do the right thing were overwhelming providers even before the OCR’s recent ruling. Such is the ugly nature of extortion.

Assessment

Cha-ching! 

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

Are the ME-P and Ashley Madison Related?

Join Our Mailing List

On Ransom-Ware, Black-Hat Hackers, the Gullible, Guilty … and Personal Cyber Security

A-Special ME-P Report

*** 

DEM white shirt

By Dr. David E. Marcinko MBA MBBS [Hon]

[Publisher-in-Chief]

Your Ashley Madison Account
[Paul recommends to read this email]‏
But … don’t fall for it!

I just received this email message from sharingservices@aol.com: In this time of medical information and financial advisory data cyber security breaches, here is a warning about personal security, too!

If it can happen to me, it can happen to anyone!

*********************************************************************************************************

Unfortunately your data was leaked in the recent hacking of Ashley Madison and I know have your information. I have also used your user profile to find your Facebook page, using this I can now message all of your friends and family members.

If you would like to prevent me from sharing this dirt info with all of your friends and family members (and perhaps even your employers too?) then you need to send 1 bitcoin to the following BTC address.

Bitcoin Address:
1AEJiZFnELwRZVjmVSvDSwUaXNZy4X9bQN

You may be wondering why should you and what will prevent other people from doing the same, in short you now know to change your privacy settings in Facebook so no one can view your friends/family list. So go ahead and update that now (I have a copy if you don’t pay) to stop any future emails like this.

You can buy bitcoin using online exchanges easily. If the bitcoin is not paid within 3 days of 23 Sep 2015 then my system will automatically message all of your friends and family members. The bitcoin address is unique to you.

Consider how expensive a divorce lawyer is. If you are no longer in a committed relationship then think about how this will affect your social standing amongst family and friends. What will your friends and family think about you?

Sincerely,
Paul

***

hackers

*******************************************************************************************************************

An Object lesson to all ME-P readers and subscribers

After review, I noted the following faults with this blast message:

* No sender last name.
* Sender blast email service
* Multiple email addresses
* Poor grammar
* I do not have – or ever had – a Facebook account
* I do not have – or ever had – an AM account

Assessment

Note any other “give-aways“? Don’t fall for this ploy. And, don’t be Gullible or GuiltyForewarned is forearmed.

More:

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

***

Product DetailsProduct DetailsProduct Details

Product Details

Product DetailsProduct Details

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™8Comprehensive Financial Planning Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

%d bloggers like this: