Bad Rabbit | What Is Known?
When a person hears the words “bad rabbit,” they might recall the scene in the 1975 film Monty Python and the Holy Grail in which a vicious rabbit brutally attacks a knight. "That's the most foul, cruel, and bad-tempered rodent you ever set eyes on!" Unfortunately, this “Bad Rabbit” has no comedic value, and is yet another cruel ransomware attack recently discovered throughout Eastern Europe.
Many organizations and consumer victims in Russia and Ukraine were hit by a 'drive-by attack' in which a fake Adobe Flash installer carrying malware is downloaded and the user is then directed to pay a bitcoin ransom. Victims are targeted when they visit legitimate but compromised websites, such as news or media sites, and are prompted to download an installer named install_flash_player.exe, after which data files are encrypted. The ransom note informs the victim that their files are no longer accessible.
Is Bad Rabbit connected to recent cyber-attacks such as Petya?
Researchers have indicated a similarity to the Petya/NotPetya ransomware reported earlier in 2017. It shares much of the same code and can move laterally across an infected network. It seems that many of the victims so far have been targeted in corporate networks, and that Bad Rabbit may very well have been created by the same hackers.
How do I mitigate the risk of ransomware?
It's important to analyze updates and patches, and to wait until your IT department has had a chance to review its configurations before applying them. Jumping too soon into these kinds of updates, patches, and downloads can put your business at serious risk of downtime and financial loss.
As always, Platinum Systems discourages businesses from paying ransomware demands, since there is no guarantee data will be restored. Do not click on "updates" just because they appear official. Having your dedicated team of Platinum Systems experts review any suspicious messages from Adobe Flash, or any other updates for that matter, will help keep your business in the safe zone.
How do I protect my business?
Our recommendations for a multilayered approach to network security remain the same:
Data Backups: If your business does not have a solid offsite data backup and disaster recovery plan, it needs one immediately. Contact one of our Solutions Team Specialists for more information on our PtCB – Cloud Backup solution at info@platinumsystems.net.
Antivirus and Email Filtering: Implementing a strong antivirus and email filtering solution helps prevent spam messages with attached ransomware and viruses from reaching users. Contact our Solutions Team for more details on adding these additional layers of security to your email process.
Group Policies, Permissions, and Passwords: Minimize risks by implementing user and group permissions on shared drives and files. Implementing stronger password policies will ensure that another layer of security is applied to your network. A quick email to our service team at service@platinumsystems.net will create a support ticket to help identify and implement the right policies.
User Training: Staff training in security best practices is critical to keeping everyone vigilant when handling email and using the internet. No matter how relevant an email may seem, exercise caution at all times. Never open unsolicited attachments or click on links too quickly.
Managed Technology: Staying up-to-date on backups, network policies, and a whole host of network security requirements is a full-time responsibility. IT support is just as critical as accounting and human resources are to your business. If your business is not currently benefitting from one of our managed services, now is a good time to put your IT needs in the capable hands of either our PtMT – Managed Technology service with 24/7 monitoring and alerting, or our monthly PtRM – Remote Management solution for system updates and patches and monthly health summary reports. Give us a call at (888) 910-4407 to learn more.