Sophos Stops Petya Ransomware

As with the recent WannaCry Ransomware attack, organizations around the world have again been affected by a new ransomware variant known as the Petya cyber-attack.

MedCo Data customers using Sophos Endpoint Protection are protected against all known variants of this ransomware. We first issued protection on June 27th at 13:50 UTC and have provided several updates since then to provide further protection against possible future variants.

In addition, our customers using Sophos Intercept X were proactively protected with no data encrypted from the moment this new ransomware variant appeared.

Find out more about Intercept X and how it can protect your customers from ransomware like Petya and Wanna:

Please contact your MedCo Data Solutions Engineer if you have any questions. We will continue to update you as more information becomes available.

Our Business World Under Attack

By now you’ve probably heard of the new nasty cyber-bug that is wreaking havoc across the globe. WannaCry slammed into the internet last week and continues to proliferate through under protected PCs and networks worldwide. This new tactic is not “phishing” related and we can’t blame our staff or each other for opening something we shouldn’t. Instead this one slipped out of NSA and is targeted at a known exploit in Microsoft’s operating systems.

Microsoft’s president, Brad Smith responded, “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem”. No matter what side of the fence you stand on, the stark truth is we need to protect ourselves.

Behind the scenes MedCo Data has been running scans on all our clients to find anyone missing updates and pushing the needed patches to any weak points we find. Building layers of security and monitoring the integrity of our systems is the core of our strategy. Over the past couple of years you’ve seen more mass communications from me relating to ransomware than anything else. I don’t see this threat diminishing anytime soon. We must keep our defenses high.
Our entire team is standing guard. Please let us know if you need us.


Dan Rodgers, CEO
MedCo Data

Sophos Intercept X Security

Redefining Ransomware Security With Intercept X, Sophos is redefining what customers should expect from next-generation endpoint security products. No other vendor offers signatureless exploit prevention, ransomware detection, visual root-cause analysis, and advanced cleanup technology in a simple to install, easy to manage package. Watch and learn more about Sophos Intercept X Endpoint Security: Let Us […]

Microsoft Warns of Ransomware with Self-Propagation Features

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior,” Microsoft’s Malware Protection Center alert reads. “This ransom leverages removable and network drives to propagate itself and affect more users.”

Microsoft has released an alert today warning about a new ransomware variant called ZCryptor, which comes with the ability to self-propagate via removable and network drives.

A security researcher named Jack, behind the MalwareForMe blog, first discovered and wrote about this threat on May 24. Three days later, Microsoft ‘s security team also took note of the new wave of infections.


Ransomware Data Backup Protection

Be Prepared for Ransomware Because You Will Get Hit Eventually

It has happened again. Another hospital system has been attacked by a ransomware. A malicious software that locks down our systems, encrypts our files and will only release them once a fee has been paid. This time It’s MedStar Health in the Baltimore area.

Tennessee Orthopedic Alliance, Presbyterian Medical Center in Southern California, Kentucky Methodist Hospital, Chino Valley Medical Center and Desert Valley Hospital have all been in the headlines for ransomware attacks recently. Thousands of infections go unreported and the nefarious programmers who designed this are making serious money. One FBI agent is quoted during a cyber security conference as stating “the easiest thing may be to just pay the ransom… the ransomware is just that good.” –

As the CEO of a national IT firm, I’ve watched my team battle with the rise in virus and ransomware attacks over the past couple of years. I’ve even found myself standing in front of a teller at a national bank, transferring money into a total stranger’s account for an express bitcoin purchase to pay the ransom for a client who had no other choice. Trust me, the entire exercise is unnerving.  The reality is we do have a choice, but only before the infection. We have to educate, plan and protect to avoid falling into a situation where the only options left are to either sacrifice the data or pay these cyber thugs.

The primary point of entry for ransomware is through an unsuspecting employee who really thought there might be a FedEx tracking number attached to that email, or Amazon was truly rewarding them for being a loyal customer with a gift certificate. The lures are getting smarter and so should we. Sound the alarm.

Warn the team that we all have to be incredibly conscientious when opening emails. Unless you know the sender and you are expecting it, do not click on a download, link or attachment. If its suspicious, ask administration or your IT support to take a look. Additionally, we need appropriate security measures in place as well as a solid backup solution. Onsite backup strategies with multiple generations as well as offsite snapshots of our data is a must. No data that is important to us should be stored on individual machines that are not backed up. Centralize the files for simplified backup and security. Reevaluate your disaster and recovery safeguards to include contingencies for malicious software attacks. At the rate this epidemic is spreading, the question is not IF you will face this challenge, but WHEN will it happen.

Fortunately, 98% of our clients who have endured ransomware infections have been prepared. We were able to avoid paying the ransom by tracking down the installation, removing the threat and restoring valid data from backups. Pre-planning and strategic preparation is the only way to currently protect our businesses. We’ve helped hundreds of businesses, like yours to put these preparations in motion. If you have any concerns about how ready you might be for a ransomware infection or disaster of any kind, I invite you to schedule a call with one of our security specialists. We’d be happy to review your current strategy and help plug any holes we find.

Ransomware Virus Alert

As you know MedCo Data manages medical practices and businesses all across the United States. We’ve witnessed an alarming rate of ransomware infections over the past several weeks.

Ransomware is a malicious application that is usually introduced into the office via email, or a website that, “you” the recipient believes to be safe. Once launched, it encrypts all files on you PC and shared drives where all the important stuff is stored. The only options are to restore from a backup, forgetting what might be lost because it wasn’t backed up, or pay the ransom, over the internet with bitcoins to a foreign maleficent organization.  Please be cautious and aware.

If you don’t know who it came from, do not open any attachments. Walmart,, Target, etc.… are NOT sending you gift certificates or awards of any kind for being loyal. You do not have a personal message from the IRS, even though it is tax season. You have not won the lottery, or even a scratch off. There is no package with a tracking number attached.

There may be a yes or no choice attached to the message. Both mean yes, so either way you are infected. It doesn’t matter what you select, it invites the infection. Close the message, delete and move on. If it’s a popup from the web, do not click any choice. Best bet is to shut down the PC and start it back up if you don’t know how to open task manager and close the browser.

At work or at home, the game has changed. Be very, very careful. There is a cost if you make the wrong decision.

MedcoData at the AAD Conference

AAD2015 – We hope to see you at the conference!


It’s that time of year again and many of you may already be settling into your hotel rooms for the American Academy of Dermatology annual conference. For those attending, I hope it’s a spectacular conference filled with opportunity for knowledge transfer. This is our 7th year as an exhibitor and we are looking forward to seeing the familiar faces as well as many new introductions.

For those of you who don’t already know, MedCo Data launched our new Revenue Shield System™ in the second quarter of 2014. With reimbursements continually being cut and the complexities of managing a practice exponentially escalating, every physician needs to work smarter. This tool is our contribution to helping independent physicians remain independent.

The Revenue Shield System™ is middleware, a software that works independently but in conjunction with your practice management and/or EHR systems. Simply put, it finds the revenue that is slipping through your practice as a result of underpayments, improper insurance bundling, coding errors, and billing mishaps (a problem we call Practice Leak). In less than one year we have found over $800,000 for independent physicians coast to coast!

If you have any concerns that revenue might be slipping through your practice please come by our booth to discuss a free Proof Module Analysis®. If you are confident your current billing solution is rock solid, put it to the test. Our initial data analysis is free and often eye opening.

Learn more about our unique Revenue Cycle Management system.

We look forward to seeing you at  Booth Number #315!


Dan Rodgers
President and CEO

2014 Medicare MU Attestation Deadline Extended

2014 Medicare MU Attestation Deadline Extended to March 20th 2015

If you are an Eligible Professional participating in the Medicare EHR Incentive Program, now you have until 11:59 p.m. ET on March 20, 2015 to attest to demonstrate Meaningful Use of the data collected during your 2014 EHR reporting period. This new deadline is an extension from the previous deadline of February 28th, so attest soon!

We urge providers to complete attestation for 2014 as soon as possible.

This extension also enables eligible professionals who have not already used their one “switch” to switch programs (from Medicare to Medicaid, or vice versa) for the 2014 payment year until 11:59 pm ET on March 20, 2015. After that time, eligible professionals will no longer be able to switch programs.

If you are participating in the Medicaid EHR Incentive Program, please refer to refer to your state’s deadlines for attestation information.

Note: The Medicare extension does not affect deadlines for the Medicaid EHR Incentive Program.

Image Source: Lygeia Ricciardi (@Lygeia on Twitter)

PWC and Google partner with EHR

Big name added in bid for DOD’s EHR contract – Google

A PricewaterhouseCoopers-led group has linked tech giant Google in vying for the Defense Department’s $11 billion electronic health-record contract.

Google’s search services will allow providers to query EHR data extensively, Garrett said. A doctor could query it for all the patients with post-traumatic stress disorder, for example, and then search for correlations between patients with the disorder and comorbidities, or other factors that led to an improvement or decline in health.

Read the full article on Modern Healthcare