500+ Dental Offices across the US were hit with Ransomware this week due, ironically, to an unaddressed vulnerability in backup software provided by Digital Dental. Most of these offices have been down for days, even after Digital Dental paid a reported $1,000,000.00 ransom to purchase the decryption keys for the Ransomware; keys which reportedly are not working for all offices. These offices are shuttered until their data can be recovered in some fashion.
22 towns in Texas had their municipal IT systems encrypted last week due to a Ransomware hack that was distributed via the MSP who provides their support.
This is a terrifying time to be a provider of IT Services as these attacks are on the rise. As partners in your network security, we want to make sure that our clients know that we are aware of these attacks and that we at Moebius are taking additional steps to review our own internal IT structure to verify that the required security controls are in place to prevent us from becoming the next victim of an attack.
What are we doing to Protect our clients?
- We have taken steps to verify that our critical support services cannot be accessed from overseas IP addresses and that Multi-Factor Authentication is being implemented on all critical support, update and Client Remote Access Systems under our control.
- We have verified that our Remote Access and RMM Tools are established under a different Domain Name from our publicly facing website and email systems to help prevent a linkable credential heist.
- We are reviewing all clients for Compliance with our established Secure NAS-based Onsite and Offsite backup solution. This combined backup solution has provided excellent protection for our clients in the past across multiple different disaster scenarios and it has become mandatory for our clients. Over the next few weeks, we will be contacting all clients who remain on a USB-based or “on-premise only” backup solution to either upgrade their solutions to our Best Practices or to terminate our backup services with them.
- We are reviewing all client networks for the coming Windows 7 and Server 2008 End-of-Security. On January 14th, 2020, Microsoft will stop patching these systems against intruders and they will become increasingly vulnerable to attack as time passes. Replacement or upgrade of these systems is also required for Compliance with HIPAA and the MA/NY Privacy Laws.
- We have completed our evaluation of an improved Sophos Server and Workstation Endpoint Protection solution that offers significantly upgraded Ransomware protection features in the form of InterceptX and CryptoGuard. This will become our new standard for our clients and we will be contacting clients over the coming months to coordinate the rollout of these new Sophos services to them in place of their current Managed Anti-Virus solution.
- We are initiating a process to review and update our Master Service Agreement to verify that it is fully in compliance with the terms required by our Errors and Omissions and Business Insurance Policies. This will make sure that we have the legal and financial backing that we will need should the worst-case scenario ever occur. When this legal review is complete, we will be contacting our clients to make sure that they are protected by the new contract.
Please bear with us while we work to contact you so that we can update your offices in a structured and controlled fashion, and rest assured that we are doing our best to protect your networks and data in these harrowing times.
President – Moebius Technology Solutions, Inc.