Dental Cyber Watch – May 2024

🔦Cyber Story Spotlight

FBI Warning to the Dental Community

On the evening of Monday May 6th, Black Talon Security, the ADA and AAOMS attended an FBI briefing related to a potential threat against the Oral and Maxillofacial Surgery (OMS) community. In the hours following the initial briefing, the team at Black Talon was able to gather some additional intelligence with detailed information about the specific threat and the methodology that malicious actors were likely to use to target practice staff members.

dental cyber watch

This warning is related to a spear phishing attack designed to steal sensitive data. This type of attack is easily executed and often difficult to detect. Gathering detailed intelligence about the threat was vital as the team at Black Talon was able to quickly create a brief training video that was shared with every state dental association for free distribution for their members. The video was specific to the current potential threat and will hopefully help some offices be better prepared to fend off this attack.

While the initial warning was for the OMS community, criminal hacking groups will typically quickly pivot to other specialties, so it’s imperative that the broader dental community be aware and alert.

Note: To prevent threat actors from accessing the training video, we have provided only a short preview clip below. Please contact Black Talon using the button below to request access to the full video.

The Human & Technical Vulnerabilities

Cybercriminals often employ phishing and vulnerability exploitation techniques to deploy malware on office computers, gaining access to protected health information. They then attempt to extort an organization by stealing their data and demanding a ransom payment. This combination of targeting both human and technical vulnerabilities is very common, and this methodology has been used in some of the recent high-profile attacks against organizations like Change Healthcare, MGM Resorts, many healthcare organizations and a long list of others. These attacks may start with a human, but the damage is often done as a result of hackers deploying their tool kits that are designed to exploit technical vulnerabilities that exist on a network. In addition, they will use legitimate programs for nefarious purposes and these programs will go undetected by anti-virus software.

The Change Healthcare attack is the most expensive and damaging attack against the US healthcare sector to date. Many articles have been written about this attack and the fact that a single person making a mistake after being socially engineered by criminals could cause such devastation. The truth is that while a single person can be the initial access point for the hackers, proper technical vulnerability hygiene can prevent most of the damage. ­­Most ransomware attacks are simply malicious code. This code or malware functions the way biological viruses’ function. Biological viruses are successful when they find a human who has a specific host (vulnerability) that the virus needs to be successful.

dental cyber security

Malicious code is successfully delivered and can move throughout networks only when there are specific hosts (vulnerabilities) present on that network. Identification and remediation of known technical vulnerabilities may prevent access and lateral movement of this malicious code and the attack “Dies on the Vine”. Proper cybersecurity awareness training for all team members reduces the risk of a person within your organization being the access point. This most recent warning to the dental community validates the need for organizations to have a cybersecurity awareness training program in place and that on-going vulnerability management is essential in keeping organizations safe.

How Do You Protect Your Organization?

A separation of IT and cybersecurity is essential and should be handled by two different organizations. This approach has long been the norm across the medical and financial industries and very quickly needs to be adopted by the dental community. IT professionals and cybersecurity specialists typically have different skill sets and their areas of focus are not the same. IT teams who work with DSO organizations have a difficult enough time maintaining networks and ensuring their stability. A robust and effective preventative security solution requires a layered approach and the full-time attention of trained security professionals who use a combination of tier 1 tested tools and human intellect. Cybersecurity companies who are involved in incident response cases and who perform cyberattack forensic investigations are kept aware of new attack methodologies and new tactics / tools that criminals are using to breach organizations and can quickly pivot to combat these new criminal strategies.

🚨Recent notable healthcare cyber incidents:

The FBI reached out to the ADA to report that there is a credible cybersecurity threat to oral and maxillofacial practices. While the FBI was not yet aware of any cyberattack victims of this threat, the agency is concerned that the practices of general dentists and other specialists could also be eventually targeted. The FBI requests dental practices that experience any fraudulent or suspicious activities to report them to the FBI Internet Crime Complaint Center at

Ascension, the nation’s largest Catholic health system and owner of 40 senior living facilities, paralyzed by cyberattack. The health system postponed some elective procedures, tests and appointments “out of an abundance of caution” after a cyberattack paralyzed Ascension’s computer network and other technological systems. Ascension said it is working to investigate the source of the breach, contain it and restore its systems. In the meantime, many hospitals are diverting ambulances to other health care facilities “to ensure emergency cases are triaged immediately.” Black Basta ransomware was involved in the Ascension cyberattack, which involved hackers who tried to lock the health system’s computer network and steal its data.

Somerset Dental Las Vegas experiences a data breach. Somerset Dental Las Vegas, a prominent dental practice in Nevada, was recently targeted by an unauthorized third party who gained access to the company’s network. The unauthorized third party managed to obtain certain files from Somerset Dental’s network. These files potentially contained sensitive patient information, including details such as names, dates of birth, addresses, phone numbers, email addresses, Social Security numbers, driver’s license numbers, health information, and dental insurance information. Somerset Dental reported the incident to the U.S. Department of Health and Human Services and confirmed that approximately 11,321 individuals have been impacted by the data breach. The dental practice is notifying all affected individuals.

Dental Cyber Watch is sponsored by Black Talon Security, the recognized cybersecurity leader in the dental/DSO industry and a proud partner of Group Dentistry Now. With deep roots within the dental and dental specialty segments, Black Talon understands the unique needs that DSOs and dental groups have when it comes to securing patient and other sensitive data from hackers. Black Talon’s mission is to protect all businesses from the devastating effects caused by cyberattacks—and that begins with a robust cyber risk mitigation strategy. To evaluate your group’s current security posture visit

Have a cybersecurity question or concern that you would
like addressed in future Dental Cyber Watch articles,
please email it to