Keypass (not to be mistaken with the password manager “Keepass”) is a new form of ransomware that is spreading fast that has infected hundreds of computers around the world.

What is Ransomware?

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

Whats different about this new Keypass Ransomware?

The Keypass Ransomware sounds a lot like the software KeePass which is a password manager. This is causing people to unrightfully trust the software and proceed with its installation.

What are industry leaders in security saying about Keypass Ransomware?

Kaspersky, an industry leader in cyber security quote ” KeyPass is also undiscerning in its choice of hostage files. Many ransomware species hunt documents with specific extensions, but this one bypasses only a few folders. All other content on the computer is transformed into mumbo-jumbo with the extension .keypass. It doesn’t actually encrypt files in their entirety, just the first 5MB of each, but that’s little consolation.”

How can Ransomware affect me or my business?

The services industry is the sector most affected by ransomware, accounting for 38 per cent of reported infections in the last year. Businesses in this sector, care homes and recruitment agencies, handle high volumes of data and typically integrate with various internet services and applications that expose them to infections.

Once your data is infected there really is no way of getting it back, this is a catastrophe for a business that handles a lot of personal data because not only are you liable to fines and punishment but your business ay cease t operate without the valuable data.

What can I do to prevent Ransomware?

• Keep anti-viruses up to date
• Don’t download any suspicious programs
• Keep regular backups
• Have secure connections at all time
• Always check file extensions at the end of a file ( e.g. .EXE, .DOCX, .XSL, etc)

What to do if my data is locked by Ransomware?

• Isolate the infected computer. Disconnecting infected laptops, computers and smartphones help prevent the ransomware attacking other network drives.
• Contact your IT support. Alert the breach to your support team and make sure they have all the information regarding when it was first spotted and how many computers have been infected.
• Don’t pay the ransom. There’s no guarantee that an attacker will decrypt your files or restore access to your advice, and the ransom may be used to fund attacks against others. Explore your options first.
• Explore your options. You can restore any damaged files from a backup and minimise the amount of time your system is down. As a rule, you should be backing up at least once a day. You can also attempt to decrypt your files with anti-cryptor tools or wipe the computer clean.

How can SenServe help prevent a Ransomware attack?

• Update anti-virus regularly
• Find tools that detect newer ransomware
• Backup your data every day
• Ensure your data is backed up on a disconnected drive
• Enable the use of anti-cryptor tools
• Disable USB usage on PCs

Simply put, this is a similar story to how most ransomware works, as soon as you’re infected, your files become encrypted and you’re unable to open them. Keypass turns file encryption against you which mean there’s not much you can do when you are infected.

If you would like to discuss this in more detail or require specific security advise, feel free to contact us .