Cybersecurity Alert: New “Bad Rabbit” Ransomware Campaign Hitting U.S., Europe

10/31/2017

Ransomware cyber attacks are “today’s biggest cyber-threat.” Why? Because study after study published in news and technology media tells us so. Sure enough, headlines broke this week about a new ransomware threat dubbed “Bad Rabbit.”

This latest campaign emerged in Europe (Russia, Ukraine, Bulgaria, Turkey and Germany) but quickly popped up in the U.S., too. The Wall Street Journal reported midweek that the Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) issued an alert reporting “multiple reports” of infections.

Bad Rabbit masquerades as an update to Adobe’s Flash multimedia player, authorities say, as notices to refresh Flash are common on legitimate websites. Once downloaded, the malware encrypts files on victims’ computers, rendering the machines useless until a bitcoin ransom is paid within a specific timeframe. In addition, Bad Rabbit attempts to spread within the network of an infected company, which can cause business operations to grind to a halt as one system after another is affected.

Tech news service ZDNet reported that Bad Rabbit shares similarities with WannaCry and Petya, which swept across the globe this summer, but so far is not as widespread. Still, we believe our readers should be vigilant and careful.

What do we like about these particular five methods? Each seeks to enhance the human element in cybersecurity, which we believe is the most powerful technology tool our readers possess:

  1. Increase Cybersecurity Awareness and Education Programs
    Here are a few of the tips users need to learn:
    • Never open email attachments from unknown senders or sources
    • Avoid enabling macros from any email attachments
    • Never click on web links embedded in unsolicited emails
    • Keep pace with the latest social engineering “phishing lures” that use brand names and other common language
  2. Implement a “White List”
    Don’t just blacklist websites known to carry malicious programs. Develop a “white list,” too. White lists point users to websites known to be secure. This approach not only limits risk, but offers convenience to employees and perhaps will boost productivity, too.
  3. Manage Permissions
    Should every employee have the authority to download software applications through company networks on company-owned and/or managed devices? Probably not. Restricting permission levels can prevent malware like ransomware from running or spreading quickly. Will some employees bristle at curbed privileges? No doubt they will. But at least they may ask “Why?” which increases individual cyber-savvy. See bullet #1.
  4. Deceive the Deceivers
    There’s a new class of security technology emerging called “deception tools.” These systems bait ransomware attackers with false data on decoy networks. Malware goes to work encrypting bogus information, keeping it away from real devices and data and giving cyber-monitors the chance to detect intrusions before damage is done.
  5. Leave the Technical Aspects to the Experts
    More and more IT Managed Services Providers (MSPs) are specializing in cybersecurity. Not only can they install and implement measures such as firewalls, they can monitor for intrusions and support recovery from incidents.
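
To make item 4 concrete, here is an added example (not from the original article or any vendor's product) of the decoy idea at file level: plant bogus documents, record their hashes, and alert when one is overwritten with high-entropy data or disappears. The file names, the `.locked` suffix and the entropy threshold are assumptions chosen for illustration.

```python
import hashlib, math, os, tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.0  # bits/byte; assumed cut-off, encrypted data sits near 8.0

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: repetitive text is low, ciphertext approaches 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def plant_decoys(directory: Path, names) -> dict:
    """Write decoy documents and return {path: sha256} as the baseline."""
    baseline = {}
    for name in names:
        path = directory / name
        body = (f"Decoy record for {name}\n" * 200).encode()
        path.write_bytes(body)
        baseline[path] = hashlib.sha256(body).hexdigest()
    return baseline

def check_decoys(baseline: dict) -> list:
    """Compare each decoy with its baseline; return (file name, reason) alerts."""
    alerts = []
    for path, digest in baseline.items():
        if not path.exists():
            alerts.append((path.name, "missing-or-renamed"))
            continue
        data = path.read_bytes()
        if hashlib.sha256(data).hexdigest() != digest:
            high = shannon_entropy(data) > ENTROPY_THRESHOLD
            alerts.append((path.name, "modified-high-entropy" if high else "modified"))
    return alerts

def demo() -> list:
    """Constructed scenario: one decoy overwritten with random bytes, one renamed."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        baseline = plant_decoys(root, ["payroll.xlsx", "contracts.docx", "backup.sql"])
        (root / "payroll.xlsx").write_bytes(os.urandom(4096))  # stand-in for encrypted content
        (root / "contracts.docx").rename(root / "contracts.docx.locked")  # constructed suffix
        return check_decoys(baseline)

if __name__ == "__main__":
    for name, reason in demo():
        print(f"ALERT {name}: {reason}")
```

Because no legitimate user has a reason to touch a decoy, any alert from `check_decoys` is worth investigating before real data is affected.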