There is an old adage which was oft quoted to me in my youth: “if at first you don’t succeed try, try again”. No doubt with this adage in mind, the cyber criminal community has launched version 3 of the ransom virus and it has landed on the Irish internet with a loud bang. Make no mistake about this version: if it manages to fool you or bypass your security (both of which, with respect, are much easier than you may imagine) it will, to quote our American cousins, “take out” your data.
Code-named Zepto, I’ve seen its effects first hand and had the rather unfortunate duty of conveying to the computer user that I could not undo the damage it had inflicted on her data.
Virus Description
The Zepto ransomware virus is designed to render targeted personal data completely unusable by encrypting it and demanding a ransom of approximately 256 euro (1/2 bitcoin) to decrypt it. Note: The original version demanded 1 bitcoin so there is a discount on this version! The virus, like previous variants, works in the background (stealth mode) and reveals itself only when it has completed its nefarious task.
Why It’s Different
Zepto and the ransomware suite of viruses mark a departure from traditional methods of stealing your money as they exploit the very tools designed to protect data – encryption. The term “hoisting computer security by its own petard” comes to mind as:
#1
There is no known method of decrypting data hit by a ransom virus. This is critical in your understanding of this virus. If it gets on your system you will be faced with either paying the ransom or kissing your data goodbye.
#2
It targets all your storage, including cloud storage such as iCloud, Dropbox and Google Drive, rendering these “believed” backup solutions useless for recovering from it. If your USB backup is attached to your computer it will encrypt any data on it.
#3
The writers of these viruses learn from their mistakes each time the criminal enterprise is shut down. They use the “dark web” and bitcoin to avoid police prosecution. You should not rely on your anti-virus software to protect you against these types of viruses.
In conclusion, the only effective protection against these types of viruses is to plan to recover from them. Thus traditional offline backups are the only way to recover from an attack.