Managed service providers are ransomware hackers' new gold mine

On July 3, employees at Arbor Dental in Longview, Washington, noticed glitches in their computers and couldn’t view X-rays. Arbor was one of dozens of dental clinics in Oregon and Washington stymied by a ransomware attack that disrupted their business and blocked access to patients’ records. But the hackers didn’t target the clinics directly. Instead, they infiltrated them by exploiting vulnerable cybersecurity at Portland-based PM Consultants Inc., which handled the dentists’ software updates, firewalls and data backups. Arbor’s frantic calls to PM went to voicemail, said Whitney Joy, the clinic’s office coordinator. “The second it happened, they ghosted everybody,” she said. “They didn’t give us a heads up.” A week later, PM sent an email to clients. “Due to the size and scale of the attack, we are not optimistic about the chances for a full or timely recovery,” it wrote. “At this time we must recommend you seek outside technical assistance with the recovery of your data.” On July 22, PM notified clients in an email that it was shutting down, “in part due to this devastating event.” The contact phone number listed on PM’s website is disconnected, and the couple that managed the firm did not respond to messages left on their cellphones.