ALERT

Understanding Cybersecurity Threats Following the CrowdStrike Incident: What Dental Practices Need to Know


July 20, 2024
Featured image for Understanding Cybersecurity Threats Following the CrowdStrike Incident: What Dental Practices Need to Know
Image
Anne Genge

Anne Genge is on a mission to make dentistry safer online. With over two decades of experience, Anne has become a leading expert and trainer in privacy & cybersecurity for dental practices.

In recent news, the CrowdStrike incident has brought to light significant cybersecurity concerns. While individual dental practices were unlikely to be directly affected by this incident, cybercriminals are taking advantage of the situation to launch phishing and social engineering campaigns against healthcare, businesses, agencies, and individuals.

As dental professionals, it’s crucial to stay informed about these threats to protect your practice and patient data. Regular cybersecurity awareness training is crucial, but staying up to date with trending threats is also critical.

So, let’s explore the different ways cybercriminals target individuals and provide actionable steps to safeguard your practice.

How Cybercriminals Exploit Vulnerabilities

Cybercriminals employ various methods to exploit vulnerabilities, often capitalizing on high-profile incidents like the CrowdStrike breach. Here are some common tactics:

1. Phishing Emails

Phishing emails are a prevalent method used by cybercriminals to deceive individuals into disclosing personal information or downloading malware. These emails can appear legitimate, mimicking trusted organizations to lure victims.

2. Spear Phishing

Spear phishing is a more targeted approach, where emails or messages are customized for a specific individual, making them more convincing and harder to detect.

3. Credential Stuffing

When cybercriminals obtain usernames and passwords from one breach, they attempt to use the same credentials on other sites, banking on the fact that many people reuse passwords across different platforms.

4. Malware Distribution

Cybercriminals may leverage incidents like the CrowdStrike breach to spread malware through infected attachments or malicious links, compromising devices and networks.

5. Scam Calls and Messages

Posing as representatives from legitimate organizations, cybercriminals might call or message individuals to gather sensitive information, furthering their malicious activities.

Why Everyday People Should Be Concerned

Everyday people, including dental professionals and their staff, need to be vigilant about these threats. Cybercriminals’ tactics can lead to identity theft, financial loss, and unauthorized access to personal and professional accounts. Even if you weren’t directly affected by the CrowdStrike incident, the general strategies used by cybercriminals can impact anyone.

Example of a Phishing Email

To help you recognize phishing attempts, here’s an example of what a phishing email might look like:

Subject: Important Security Update from Your Bank

From: security@banksecure.com

Dear [Your Name],

We have noticed unusual activity on your bank account and need you to verify your identity to secure your account. Please click the link below to verify your account details and reset your password:

Verify Your Account

For your safety, failure to verify within 24 hours will result in temporary suspension of your account.

Thank you for your immediate attention to this matter.

Best regards,
Bank Security Team

How to Protect Yourself and Your Dental Practice

1. Verify the Sender

Always check the sender’s email address carefully to ensure it’s legitimate.

2. Look for Red Flags

Be cautious of poor grammar, urgent requests, and unfamiliar links, which are common in phishing emails.

Instead of clicking on links or opening attachments, go directly to the organization’s official website to verify any claims.

4. Use Strong, Unique Passwords

Employ a password manager to create and keep track of strong, unique passwords for all your accounts.

5. Enable Multi-Factor Authentication (MFA)

Add an extra layer of security to your accounts by enabling multi-factor authentication (MFA).

Stay Informed and Get Training

By staying informed about the latest cybersecurity threats, you can significantly reduce the risk of falling victim to cybercriminals. Myla Moments is a monthly newsletter and alerting program you can sign up for to recieve alerts just like this one. Gete it here: https://myla.training/programs/myla-moments/

Protecting your dental practice and patient data is paramount in today’s digital landscape.

Stay safe and secure by following best practices and educating your staff about potential threats. For more information and resources on dental cybersecurity, visit https://myla.training

Program thumbnail
ON-DEMAND TRAINING

Cybersecurity Essentials for Dental Teams

Cybersecurity awareness training that provides dental professionals with the skills needed to prevent breaches, ransomware, and data theft at work (and at home). Get immediate access and complete training in less than 40 minutes.
Learn More