Recently there’s been a lot of news coverage about viruses and emails that scramble and encrypt data and files on company computers. The latest threat is known as Zepto ransomware. Here’s what you need to know and do to keep your business safe.

keyboard pad locked - IT security Air IT

Although it may sound alarmist, we’re still seeing East Midlands companies getting attacked by computer viruses and suffering severe disruption and loss of business-critical data.

The unfortunate truth of the matter is that this is becoming a more common issue and everyone is vulnerable. It’s having a serious impact on the local business community and it may very well hit you.

Zero-day email threats

ICT security specialists use the phrase zero-day threat. This is when computer threats evolve so quickly that they can successfully attack computer systems without warning, before they’ve even been identified by the experts. This means new threats are often one step ahead of security systems.

More often than not, these sorts of threats are known as Ransomware. This is based on the fact that a fee is demanded by the perpetrators for a decryption key that allows you to recover your files.

As is often the case, the attack comes in the form of an email attachment that has to be opened before any harm is done. With awareness and caution, the risk is reduced for the time being at least. However, it’s by no means easy to differentiate genuine emails from these trojans.

Ransomware strikes again

The very latest threat is known as Zepto. This new form of Cryptolocker ransomware renames files with a .zepto file extension, as well as scrambling them. By renaming files you can see how much information has been encrypted and what you stand to lose if you refuse to pay up.

Zepto virus ransom note Air IT support

Zepto Ransom Note

Zepto infections depend on certain scripts running on one or more of your computers. Typically, you would receive an attachment that appears as a Word document or ZIP file within an email. Most computers have these scripts and programs disabled by default. So how does an attack succeed?

Ironically, Zepto attacks hijack security warnings that ask for confirmation, such as, “Are you sure you want to run this application?” It’s more complicated than that though, as there may be buttons labelled “options” or “more info”, so if you’re suspicious and click one of these you may inadvertently allow an attack.

zepto ransomware payment screen

Zepto asks for payment in bitcoins for a decryption key to unlock your files

How to safeguard your business

First of all, you must keep all of your software fully up-to-date and you should back-up at regular intervals.

There are also insurance policies that cover financial loss for some types of damage caused by attacks. However, these steps alone are not enough to keep you safe.

Zero-day threats give no warning, so software patch-fixes come too late for many businesses. While there are insurance policies covering hacking and virus attack, many losses are not as easy to define – loss of reputation for example, or data retrieval may simply take too long for complete business recovery.

Planning and prevention is critical for survival. You must also consider what steps you will take when an attack happens.

Self-help and expert advice

User awareness and education helps. There are a number of useful sources you can check on the web to keep up with the latest cybersecurity news and you needn’t be too IT savvy to follow the advice. To get you started, here are some of our recent articles:

However, this is a complex area and technical expertise is needed to fully protect your business. Air-IT can help.

To find out more about our Managed Security, Backup and Continuity services please contact us today on 0115 880 0044 and we will be pleased to help and advise you further.