
Ransomware

At Sound Networks we have seen a recent rise in ransomware attacks. Not only have we noticed this, but other providers have told us they are seeing the same.

Ransomware is a type of virus that encrypts your files, rendering them unopenable and consequently useless to you. The first thing most people know about it is when they cannot open a file and a box pops up politely asking them for payment details or bitcoins in return for the encryption key to unlock the file. Of course, we do not pay ransoms (you also cannot confirm that the sum asked for will in fact be the sum charged). So rather than asking “Is there really a way to remove ransomware viruses?”, the right question is “What’s the best way to prevent ransomware file loss?”

Backup, backup, backup… The old mantra still holds true. If you have a backup, you can simply delete the encrypted files and replace them with those from the backup. Otherwise, your options are to take your chances and pay the ransom – or lose your files. Some encrypted files have the .zepto file extension, which appears to come from a new strain of the ransomware that previously named files with the .locky extension. The filename itself can also be scrambled.

The virus is commonly delivered as an email attachment, which currently manages to fool most anti-virus software into treating it as benign. Notable attachment file types are .zip and .docm. Once the attachment is opened, it silently encrypts files and spreads like wildfire across corporate networks by seeking out mapped drives and encrypting those too. Once its work is done it removes itself, making tracing the offending machine on the network virtually impossible.

In summary – go careful out there. Keep an eye on your backups and, if you have your own on-site mail server, look into tightening up your anti-spam and malware filtering settings; it could save you a lot of bother.
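As an illustration of the kind of attachment filtering mentioned above, here is an added example (not code from Sound Networks or any mail product) that flags .docm attachments and looks inside .zip attachments for them. It goes a little further than the post by also flagging Office files that carry a VBA macro project under another extension; the function names and the sample message are constructed for this example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

MACRO_EXT = ".docm"          # attachment type named in the post
VBA_PART = "vbaproject.bin"  # OOXML part that holds VBA macros


def inspect_zip(name: str, data: bytes) -> list[str]:
    """Look inside a ZIP container in memory; nothing is extracted to disk."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = [m.lower() for m in zf.namelist()]
    except zipfile.BadZipFile:
        return [f"{name}: unreadable archive"]
    hits = []
    for m in members:
        if m.endswith(MACRO_EXT):
            hits.append(f"{name}: contains macro-enabled document {m}")
        elif m.endswith(VBA_PART):
            hits.append(f"{name}: contains VBA macro project")
    return hits


def quarantine_reasons(raw: bytes) -> list[str]:
    """Return one reason per suspicious attachment; empty list means deliver."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "unnamed").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(MACRO_EXT):
            reasons.append(f"{name}: macro-enabled document")
        elif name.endswith(".zip") or data.startswith(b"PK\x03\x04"):
            # ZIP by name or by magic bytes (covers renamed Office files)
            reasons.extend(inspect_zip(name, data))
    return reasons


def sample_message(attachment_name: str, member_name: str) -> bytes:
    """Constructed test mail: a ZIP attachment holding one dummy member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"constructed placeholder content")
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content("Please see attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=attachment_name)
    return bytes(msg)
```

A mail server hook would call `quarantine_reasons()` on each inbound message and hold anything that returns a non-empty list for review.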

 

Paul Cox

IT Director – Sound Networks