Skip to main content

Did You Get A USB Drive From The ADA? Don’t Plug It In

By June 3, 2016May 25th, 2021Blog, Technology News

did_you_get_a_usb_drive_from_the_adaNot even dentists are safe from hackers, and if they’ve been targeted, your company could easily be targeted in much the same way.

Recently, the ADA (American Dental Association) sent USB flash drives out to dental offices all over the country. The drive contained updated billing rates and instructions for filing claims with various insurance companies. Unfortunately, some of the drives contained something more than that – they were infected with malware that attempts to load a webpage known for distributing malware, and install software that would give hackers complete remote access to the system.

Open access to a machine in a dentist’s office would be a goldmine for any hacker. Not only does it contain PHI (Protected Health Information), personal identity information and social security numbers, which is of great inherent value on the Dark Web, but the information contained in those records would also give any savvy hacker lots of material to work with to conduct highly personalized, extremely targeted phishing attacks, enabling them to get even more information from unsuspecting recipients of the emails they sent out.

The ADA is currently investigating the matter, and confirms that they did indeed send the flash drives. Right now, the theory about what happened is that when the drives were being manufactured in China, one of the machines used to load the files onto each drive was itself infected, and this caused the infection to spread to every drive that interacted with the infected machine.

If your company sometimes receives updates in this manner (a flash drive from a vendor or key supplier), this underscores the importance of careful evaluation of anything you’re set before you simply plug it into your network. To do any less is to leave an opening for the hackers, and make it easy for them to gain complete access to your system and your proprietary data.

If you’re not sure how to guard against this type of threat, contact us today and a member of our team will be happy to assist you in evaluating the current state of your network’s security. We can make recommendations about changes you’ll need to make in order to better secure your data, and assist you in actually implementing those recommendations.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.