Recently there’s been a lot of news coverage about viruses and emails that scramble and encrypt data and files on company computers. The latest threat is known as Zepto ransomware. Here’s what you need to know and do to keep your business safe.
Although it may sound alarmist, we’re still seeing East Midlands companies getting attacked by computer viruses and suffering severe disruption and loss of business-critical data.
The unfortunate truth of the matter is that this is becoming a more common issue and everyone is vulnerable. It’s having a serious impact on the local business community and it may very well hit you.
Zero-day email threats
ICT security specialists use the phrase zero-day threat. This is when computer threats evolve so quickly that they can successfully attack computer systems without warning, before they’ve even been identified by the experts. This means new threats are often one step ahead of security systems.
More often than not, these sorts of threats are known as Ransomware. This is based on the fact that a fee is demanded by the perpetrators for a decryption key that allows you to recover your files.
As is often the case, the attack comes in the form of an email attachment that has to be opened before any harm is done. With awareness and caution, the risk is reduced for the time being at least. However, it’s by no means easy to differentiate genuine emails from these trojans.
Ransomware strikes again
The very latest threat is known as Zepto. This new form of Cryptolocker ransomware renames files with a .zepto file extension, as well as scrambling them. By renaming files you can see how much information has been encrypted and what you stand to lose if you refuse to pay up.
Zepto infections depend on certain scripts running on one or more of your computers. Typically, you would receive an attachment that appears as a Word document or ZIP file within an email. Most computers have these scripts and programs disabled by default. So how does an attack succeed?
Ironically, Zepto attacks hijack security warnings that ask for confirmation, such as, “Are you sure you want to run this application?” It’s more complicated than that though, as there may be buttons labelled “options” or “more info”, so if you’re suspicious and click one of these you may inadvertently allow an attack.
How to safeguard your business
First of all, you must keep all of your software fully up-to-date and you should back-up at regular intervals.
There are also insurance policies that cover financial loss for some types of damage caused by attacks. However, these steps alone are not enough to keep you safe.
Zero-day threats give no warning, so software patch-fixes come too late for many businesses. While there are insurance policies covering hacking and virus attack, many losses are not as easy to define – loss of reputation for example, or data retrieval may simply take too long for complete business recovery.
Planning and prevention is critical for survival. You must also consider what steps you will take when an attack happens.
Self-help and expert advice
User awareness and education helps. There are a number of useful sources you can check on the web to keep up with the latest cybersecurity news and you needn’t be too IT savvy to follow the advice. To get you started, here are some of our recent articles:
- Cybersecurity – keeping your business safe
- How to protect your online security
- Cyrptolocker ransomware threats on the rise again
- Email and invoice fraud: safeguarding your business
However, this is a complex area and technical expertise is needed to fully protect your business. Air-IT can help.