Whether its ransomware, malware, phishing emails, it’s in your best interest to be aware of the latest threats targeting companies and their computer networks. Recently, a ransomware named Robbinhood has been making rounds. Rather than being distributed through spam, this ransomware uses Trojans including hacked remote desktop services, emails with unknown attachments, or malicious websites to target and encrypt files on all the computers to which it can gain access. It has been responsible for a shutdown of city-owned computers in both Greenville, North Carolina and Baltimore, Maryland. RobbinHood has been found to stop 181 Windows services, including anti-virus, database, mail server and others that could keep files open and prevent their encryption. It also disconnects all networks shares, allowing the attacker to target individual machines.
What You Can Do
The best thing to protect yourself from any ransomware is to have a reliable backup of your files. Since some ransomware has been known to target backups, it’s best if you have an offline backup that can be easily accessed in case your entire network is shut down. Make sure your employees are aware of the possible threats and educate them about the importance of visiting only business-related websites while they’re at work, and not to open any email attachments without first confirming the email sender and why they were sent. Companies that rely on Remote Desktop Services that are publicly accessible via the internet are particularly at risk and should look into a firewall and only have your Remote Desktop Services accessed through a VPN. If you’re curious about how your network could be better protected, get in touch with ACS. We can assist with assessing your security needs whether you need to develop a backup and disaster recovery plan from scratch, or you just need to fine-tune your current system.
You can learn more about the Robbinhood Ransomware and how it works from BleepingComputer.