The American Dental Association (ADA) encountered a cyberattack and had to take a lot of its systems offline. The ADA website is presently accessible right now and states that the ADA is suffering from technical problems and that it is being worked on to get its systems working well. Although the website doesn’t present any other facts on the reason behind the technical issues, emails were given to ADA members telling them about the cyberattack.
The letters state that portions of its network were taken off the internet and that ADA email, Aptify, the telephone system, and web chat were all affected. Lots of its online services are inaccessible at the moment; nevertheless, information about the attack was not given at this time.
The ADA mentioned it has reported the cyberattack to authorities and it is checking out the nature and magnitude of the attack and is being helped by third-party cybersecurity experts. The investigation hasn’t found any information on data theft at this period and the level to which its members, dental practices, and other dental establishments were impacted is unknown. Various state dental associations have likewise noted on their websites that technical problems are being suffered, which include the New York and Florida Dental Associations.
Though some information was made public concerning the specific nature of the attack, it has the characteristics of a ransomware attack. As per Bleeping Computer, Black Basta, a new ransomware operation, has stated it is responsible for the cyberattack and has posted some of the stolen information on its data leak webpage. Black Basta states the leaked files is approximately 30% of what was stolen from the ADA and comprise employee details, financial data, and other sensitive records.
Black Basta is a new ransomware group that commenced doing attacks mid-April 2022, with the earliest acknowledged victim being Deutsche Windtechnik, the German wind farm owner. The ransomware encrypts data information utilizing AES+RSA algorithms and adds the .basta extension to encrypted data files. The group says in its ransomware notes that information was stolen and will be publicized on its TOR web page in case the ransom is not paid. The desktop on victim devices is substituted with a graphic with the note, “your network is encrypted by Black Basta group.” A readme.txt file is added on the desktop with details for getting backfiles.