Zenis Ransomware To Leave Data Backups Encrypted

March 26th, 2018


This week's Technology Today uncovers the good, the bad and the techy tidbits of Zenis - the ransomware that leaves your data encrypted, whether you pay or not!

The Virus

This sneaky little Trojan of a virus is targeting small to mid-sized businesses and web servers. Once a machine is infected, Zenis finds any and all backups on your system, overwrites them three times and then deletes them. This makes it very difficult, if not impossible, for a victim to restore their data.

After encryption, Zenis demands payment to initiate file retrieval (see image below). However, our partner, Datto, strongly discourages paying, as they have found there's NO guarantee you will get back your data, even when paying. Learn more about Datto's findings in their Channel Ransomware Report.

zenis-ransomware-2

How To Safeguard Yourself

At this point, there isn't a decryption process in place, so you are out of luck if infected. For prevention, make sure you have a backup system in place that's not stored on or accessible to production machines, but rather separated from them. Also, companies like Datto are using an encrypted, proprietary transmission process called Mercury. This makes it harder for ransomware like Zenis to access backed-up data.

It is thought that the Zenis ransomware may be getting access via hacked remote desktop services. That being said, you must have a VPN (Virtual Private Network) as the liaison. This will eliminate the risk that being connected directly through the internet poses.
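To check where a Windows machine stands today, here is an added example (not part of the original post) that reports whether Remote Desktop is enabled and which inbound firewall rules allow it, flagging rules open to any remote address. Run it in an elevated PowerShell session; the function name Test-CoversPort is made up for this example.

```powershell
# Added example: audit the host firewall for RDP reachable from any address.
$ts = 'HKLM:\System\CurrentControlSet\Control\Terminal Server'

# fDenyTSConnections = 0 means Remote Desktop connections are enabled.
$rdpEnabled = (Get-ItemProperty -Path $ts).fDenyTSConnections -eq 0

# Read the listening port instead of assuming the default of 3389.
$rdpPort = (Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp").PortNumber

# Hypothetical helper: does a rule's LocalPort list cover the given port?
# A port of 'Any' only counts when the rule is not tied to one program,
# otherwise every per-application rule would show up as noise.
function Test-CoversPort {
    param([string[]]$LocalPort, [int]$Port, [string]$Program)
    foreach ($p in $LocalPort) {
        if ($p -eq 'Any') {
            if ($Program -eq 'Any') { return $true }
        }
        elseif ($p -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        }
        elseif ($p -eq "$Port") { return $true }
    }
    return $false
}

$findings = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $ports = $_ | Get-NetFirewallPortFilter
        $addrs = $_ | Get-NetFirewallAddressFilter
        $app   = $_ | Get-NetFirewallApplicationFilter
        $isTcp = $ports.Protocol -in 'TCP', 'Any'
        if ($isTcp -and (Test-CoversPort $ports.LocalPort $rdpPort $app.Program)) {
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Profile       = $_.Profile
                RemoteAddress = $addrs.RemoteAddress -join ','
                # 'Any' means the rule is not limited to a VPN or internal range.
                OpenToAny     = $addrs.RemoteAddress -contains 'Any'
            }
        }
    }

"RDP enabled: $rdpEnabled (TCP port $rdpPort)"
$findings | Sort-Object OpenToAny -Descending | Format-Table -AutoSize
```

Rules marked OpenToAny are the ones to restrict to your VPN address range or disable. This only looks at the Windows firewall on the machine itself, so port forwarding on the router or perimeter firewall needs its own review.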

It's important, now more than ever, to certify your data redundancy in case of an emergency. The cost of a data outage can be crippling to a company - especially a small to mid-sized one.

Thoughts

Did you find this blog informative? Are you protected? If not, will you make sure to install backup processes and a VPN for remote desktop access? Sound off below.

Until next time, Techies!
