A new strain of ransomware called Zenis is not only encrypting your data, it’s encrypting and deleting your backup files – even if you pay the ransom.
It is unclear how Zenis is spreading, but researchers believe it may be through a remote desktop service vulnerability. Currently, there is no known decryption method for Zenis.
This type of ransomware supports something we always tell our customers: You need a comprehensive offsite backup solution. Datto backup solutions use an encrypted proprietary transmission process that make it very difficult for ransomware to access the backup data. In the unlikely event that ransomware does encrypt the backup data, with a Datto Continuity product we can clean all infected devices and rollback the data to a time before the ransomware encrypted your data.
- Educate:Teach your staff about ransomware. Show them examples of suspicious emails with clear instructions on how to proceed, with particular emphasis on not opening attachments, and not forwarding the email.
- Secure: Antivirus software is essential. Ensure your security software and Windows are both up to date in order to protect against the newest threats.
- Backup: The best backup solutions will take frequent snapshots of incremental backups to create a series of recovery points which allow you to roll-back your data to a time before infection.
Do you think you’ve been infected with ransomware? Never pay the ransom! Contact us now.