When it comes to business security, today’s climate calls for caution. It seems like every week the latest and most dangerous ransomware is coming for us.
It can arrive in a variety of ways, such as through employees, clients, and websites. The most recent threat we’ve seen is called Rokku. Built upon predecessors, it’s only the next step in the fight against business security systems. Ransomware is a dangerous thing. The main concept is a mix of fear tactics and file encryption. After the system is infected, the virus will normally lie dormant for a time.
Once every file is found and changed to an encrypted state, a message will display, stating the worst.
All of your files are locked until you pay whatever sum the developers demand. Once in this state, you are generally given only a number of hours before your files and content are deleted permanently.
At this point, many people will rush to pay for their files in order to avoid further expense and headache. Unfortunately, doing so rarely helps the issue.
After the ransom is paid, you are supposedly granted access to the files and everything continues on unhindered. That said, there are many times you can send the money in and receive nothing in return.
Your files will still have their encrypted extensions (e.g. *filename*.rokku) and you will be in an even bigger hole than before. For some of the older ransomware, third parties have made programs to help those infected, but this is also often not the case.
In Rokku’s case, no progress has been made on decryption. No patterns have been found and files are completely distorted in comparison to their original state.
As if that weren’t enough, there is still more to worry about. Rokku, like other ransomware, will not stop at the infected computer. Network shares are also subject to complete encryption.
In short order, your entire network is no longer your own. With this in mind, the question is simple. What can you do?
Ransomware is definitely a problem and is not going away anytime soon.
That said, there is more progress these days than when we first started seeing it pop up on systems. Using Rokku as an example, some newer versions are built off of older attacks.
As such, they can often follow the same patterns and can be taken care of. Anti-virus and anti-malware services are also more and more proactive against these threats.
User error can, however, still cause alarm and ruin things very quickly. Rokku and many of its predecessors are sent as email attachments. Once opened, they will start to run and everything will spiral downward from there.
It is important to know basic safety practices for operating computers and to keep others informed about them. Do not trust strange sites, or emails and messages that you were not expecting or whose sender you do not know. Also, be aware of common spam signs.
Misspellings, exaggerated results, and poor grammar are often giveaways.
If you want to review your current computer climate, we recommend giving us a call. With preventive maintenance, business class protection, corporate antivirus, and monitors running to ensure a steady flow, we can ensure the safety and reliability of any network and the important files that it may contain.
The absolute best way to avoid a disaster such as Rokku and other ransomware is to stop it before it happens.