52ºF

Maitland dentist office threatened with $20,000 ransomware

Accounting records encrypted, locked

MAITLAND, Fla. – A dentist office in Maitland is the latest victim of a ransomware attack in Seminole County. 

Dr. Carl Bilancione said all of his Quickbooks accounting files were encrypted and a pop-up screen instructed him to pay $10,000. Every 48 hours, the ransom would double, according to the message.

"What the IT people ascertained is that these are not the most brilliant hackers in the world, they buy a kit and send out this information and hack your computer and when they see somebody has Quickbooks they know it's a business," Bilancione said. "That's the key."
 
Although five months-worth of accounting files were taken during the hacking, Bilancione assured that all patient records are safe and untouched, stored separately on a secure system.

Seminole County Sheriff Dennis Lemma encouraged businesses never to pay the ransom.

"What they do is take all of the information and put the info in the dark web and other people who are interested in victimizing get that information from that web and if you pay a ransom you go into a database as someone who is willing to comply with the request," Lemma said. "I promise you they will pay you a visit again sometime in the future."

Lemma said hackers are now targeting small businesses and city governments, not just big businesses.

"I think it's a business strategy that these people are asking for ransom," Lemma said. "Cyberterrorists if you will. Because they know the larger corporations are becoming informed and developing software and they have legal counsel providing recommendations. They know some of the moms and pops don't have those resources."

Lemma said 19 businesses across Seminole County have reported ransomware attacks since 2018. Nine this year.

"You could be out of business, how do you operate without your accounting files," Bilancione said.

Bilancione said even though he will not pay the ransom, he will have to pay his accountant to restore the last five months of accounting files.
 
“Oh, it’s going to cost money, five months of records," Bilancione said. "It is what it is. But people need to be aware that you better have some kind of security because you don’t know if you’re the next victim.”
 
 Since the hacking, Dr. Bilancione said the office has added more security measures to secure their files.
Bilancione believes hackers got into his system when someone in his dental office opened an unknown attachment.

 "Somebody might've opened something, but we don't know, they don't know," Bilancione said.

Lemma encouraged all business owners to report ransomware attacks but said they're often difficult to investigate.

 "In some cases it's very difficult to work these cases because they're coming from outside of the country and local jurisdictions," Lemma said.

Lemma said this latest attack highlights the need for cybersecurity. Make sure your computer is updated, you firewall is on, employees are trained not to open attachments or insert USB sticks into computers, and to use a good virus protection program.