The old adage that attributes experience as the best teacher has never been truer than the current cyberspace that veterinarians operate under, filled with cyber criminals who are willing to pounce at a moment’s notice veterinary practices’ network and cyberspace to cause havoc.
As practitioners, we are bombarded with news reports of ‘other’ veterinary practices being attacked by cyber criminals and scammers, and every time this happens, the question of when this will happen to us or our practices lingers on the back of our mind. Today, it is no longer a question of whether we will be next for a cyber attack, but when such an attack will happen.
No, this is not fear mongering, and reports consistently show that cyber criminal activities are evolving and increasingly targeting organizations regardless of their size.
But how can we prepare for attacks that we have no idea where they will come from and how they can impact our practices? The simple answer is that we can learn to anticipate the type of attacks that are more likely to be targeted at our practices based on past attacks, which can help us become more prepared. Below are some case studies of how cyber criminals targeted veterinary practices and advice on how your practice can respond to such attacks.
Ransomware attacks on National Veterinary Associates (NVA)
In 2019, the National Veterinary Associates (NVA) was hit by ransomware called Ryuk, which ended up crippling more than 400 of its clinic. The California company, which is one of the biggest veterinary practices in the country, was caught flat-footed and had no time to prepare for the attack or how to respond to the attack.
According to official reports, the ransomware gained access to their system through third-party systems which had access to the veterinary system.
How NVA mitigated the ransomware attack
Upon discovery that their systems were infected by the virus, the company said that it started to implement procedures that would reduce the severity of the attack. By the time of the discovery, however, patients’ records, payment systems and practice management software had already been infected and encrypted by the virus, locking over 400 NVA clinics across the country.
The company also indicated that it went hired two outside security firms to evaluate the system and help them in their recovery.
To date, it is not clear whether NVA paid the ransomware fee, but it took them a couple of weeks to recover from the attack.
Verdict on NVA handling of the attack
NVA should have been well prepared for such attacks. Being one of the largest veterinary practices in the country, it should have been aware of its vulnerability and implemented security measures such as having an effective and updated anti-malware that was capable of detecting the Ryuk ransomware and acting on it quickly.
Other veterinary practices can learn from this attack, to always have their guard up and implement measures such as antivirus, anti malware and anti ransomware protections in their systems. The recovery time was also long, and it seems like they did not have a backup of most of their data. Therefore, veterinary practices should have external data backups to be able to recover faster if such a situation happens.
Green dot scam attack on East Towne Veterinary Clinic
Green dot scams use MoneyPak to request payments from their victims. A veterinary practice receives a call from people purporting to be energy providers, and they are told that their bill is too high and they run the risk of being disconnected. They are then given the amount they need to pay and where they need to deposit the money.
This is exactly what happened to East Towne Veterinary Clinic, where their manager Melanie Meyer received a call from a gentleman who purported to be working for We Energies. The man claimed that the veterinary practice owed them in excess of $800 and gave them a number of where to deposit.
Similar phishing call attacks that resemble green dot scam
Green dot phishing scams are just a small part of phishing calls that are targeted at veterinary practices. The other two major types of phishing calls are the IRS phishing calls and the DEA phishing calls.
The IRS phishing calls try to trick veterinary practices that they are in problem with the IRS and they owe the tax collectors back taxes. Next, they try to demand payments over the phone.
The DEA phishing calls target veterinary practices and tells them that they are in possession of controlled substances such as hydrocodone and oxycodone. The callers then try to extort practices money in order to make sure the ‘problem goes away.’ This method is one of the most effective forms of phishing calls against veterinary practices because it is believable and many victims are falling for it.
Verdict on the attack
These types of attacks are very common and if you are not careful as a practice owner, you may fall victim. It is important to get more information from your callers and do a background check to verify if the calls are genuine. Most of these calls are trying to social engineer their victims and gain valuable information or extort money, therefore, it is important to involve authorities if necessary.
Identity theft and wire fraud attack on Girard Veterinary Clinic
When Girard Veterinary Clinic was contacted by the Philadelphia Police Department, they had no idea that scammers were using their identity to scam people, including some of their clients. They immediately notified their clients and the public that fraudulent people were using their name to scam them.
The Girard Veterinary Clinic is far too common and many veterinary practices have fallen victim to identity theft and wire fraud. Clients of Girard Veterinary Clinic who had been scammed and wired payments to scammers could not receive their money back. According to authorities, it becomes very difficult to recover wire fraud money because the money is wired overseas.
Verdict on the Girard Veterinary Clinic attack
Identity theft and wire fraud cases are some of the most complex forms of security compromises that can face a practice. It is very difficult to know whether your practice is a victim of identity theft, because scammers may be using email phishing to conduct their fraud.
However, Girard Veterinary Clinic responded appropriately by notifying their clients and the public that they have fallen victim to identity theft. They also went further and worked with authorities to try and recover the money lost through wire fraud. Although they did not recover the money, it showed concern by the veterinary practice and created a blueprint of how veterinary practices should respond to such attacks.
How to build your own defenses
Head over to Patterson Veterinary University and sign up for our technology fundamentals course. Here you can learn not only how to protect your hospital but how to properly budget, plan and more importantly understand the technology in your hospital.
Sign up for the Lucca Veterinary Cyber Security Audit. How can you know where you are at the biggest risk of being attacked? If you don’t know your weaknesses. The best part is that the audit wont interrupt your day to day work flow but will help you be better prepared to protect your hospital. Lucca will also help guide you in the best solutions to close the gaps.