Since Tuesday, reports of the Bad Rabbit ransomware virus have been flashing across news screens everywhere. The virus started its rampage in Europe, bubbling up in Russia, Ukraine, Turkey and Germany. However, the full extent of the virus’ reach still isn’t fully understood.
The virus targeted institutional giants in Ukraine including the Ministry of Infrastructure and Kiev’s public transportation system. Russia experienced similar hits to critical agencies including Interfax, a local news service that recently issued a statement to announce they had been hacked and were working to restore their network. Initial reports about the Bad Rabbit virus note that the virus is specifically attacking media outlets, and an additional Russian newsgroup, Fontanka.ru, was also affected.
Bad Rabbit Touches Down in the USA: US Department of Homeland Security Issues Warning
Since starting its path of destruction in Europe, several instances of the Bad Rabbit virus have now been reported in the US. Given the recent history of cybersecurity concerns, especially around Russia, the US Department of Homeland Security (DHS) isn’t taking any chances.
DHS released a statement earlier this week in reference to the attack:
“US-CERT has received multiple reports of Bad Rabbit ransomware infections in many countries around the world. This suspected variant of Petya ransomware is malicious software that infects a computer and restricts user access to the infected machine until a ransom is paid to unlock it. US-CERT discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.”
DHS urged individuals and businesses to take notice and be vigilant in the face of this latest malware attack. To combat the threat, DHS is urging IT professionals to review US-CERT Alerts TA16-181A and TA17-132A, each of which describes recent ransomware events.
Experts Weigh In: Is Bad Rabbit a Nasty By-Product of NotPetya or ExPetr?
Cybersecurity experts at Kaspersky and ESET have both noted that Bad Rabbit seems to have clear ties to recent malware pandemics NotPetya and/or ExPetr.
“Our researchers have detected a number of compromised websites – all news or media sites,” said Russian security company Kaspersky, now embroiled in a spying controversy, in a recent blog post. “Based on our investigation, this is a targeted attack against corporate networks, using methods similar to those used in the ExPetr attack. However, we cannot confirm officially that it is related to ExPetr.”
Regardless of its origins, experts agree that Bad Rabbit now joins NotPetya and WannaCry as another of 2017’s major ransomware-style malware epidemics.
How Does It Work? Understanding How Bad Rabbit Takes Hold of Business Networks
Unlike other recent malware epidemics, which spread more passively, Bad Rabbit requires potential victims to download and execute a fraudulent Adobe Flash installation file. Once the phony download and installation is executed, machines and networks become infected with the malware.
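One way a security team could look for the behaviour described above in web-proxy logs, shown as an added example that is not part of the original article: flag completed downloads of files named like a Flash installer that came from hosts outside an allow-list. The log format, the sample lines, the allow-listed domains and the function names are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains your organisation accepts as legitimate Adobe download sources.
TRUSTED_SUFFIXES = ("adobe.com", "macromedia.com")
# File names that present themselves as a Flash installer or update.
FLASH_INSTALLER = re.compile(r"flash.*\.(exe|msi|dmg)$", re.IGNORECASE)

# Constructed proxy log lines (not real traffic): <time> <client-ip> <method> <url> <status>
SAMPLE_LOG = """\
2017-10-25T10:02:11Z 10.0.4.17 GET https://get.adobe.com/flashplayer/FlashPlayerSetup.exe 200
2017-10-25T10:05:42Z 10.0.4.23 GET http://news-site.example/updates/FlashPlayerSetup.exe 200
2017-10-25T10:06:03Z 10.0.4.23 GET http://news-site.example/index.html 200
2017-10-25T10:09:30Z 10.0.7.88 GET http://adobe.com.cdn-mirror.example/Flash_Update.EXE?id=7 200
2017-10-25T10:12:55Z 10.0.7.91 GET http://media.example/flash_update.exe 404
garbage line
"""


def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)


def suspicious_flash_downloads(log_text):
    """Return (client_ip, url) for completed Flash-installer downloads from untrusted hosts."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        _, client, method, url, status = parts
        target = urlsplit(url)
        name = target.path.rsplit("/", 1)[-1]  # file name without the query string
        if (method == "GET" and status == "200" and target.hostname
                and FLASH_INSTALLER.search(name)
                and not is_trusted(target.hostname)):
            hits.append((client, url))
    return hits


if __name__ == "__main__":
    for client, url in suspicious_flash_downloads(SAMPLE_LOG):
        print(f"review {client}: {url}")
```

The allow-list check compares whole domain labels, so a lookalike host that merely contains a trusted name is still flagged.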
In an interesting turn of events, it seems whoever created Bad Rabbit is a fan of the HBO hit, Game of Thrones. The malware infection makes reference to character Daenerys Targaryen and her dragons as well as Grey Worm, another beloved character. However, Bad Rabbit is anything but fantasy or fiction. The impacts of the infection are real-life disasters for any business or organization infected.
Computers infected with the malware direct the user to a .onion Tor domain where they are forced to pay .05 bitcoin (roughly $276 USD) in exchange for the decryption and restored access to their data. Even worse? The domain then flashes a countdown on the screen, giving victims limited time to act before the ransom price increases. While this year has seen some instances of destructive malware disguised as ransomware, experts are still not fully sure if Bad Rabbit actually collects a ransom and decrypts data in every case of infection. However, in a test case, a researcher was successful in having data restored once the ransom was paid.
Responding to Bad Rabbit: What to Do If You Get Infected and How to Prevent the Virus Proactively
First and foremost, as a rule of thumb, anyone infected is discouraged from paying the ransom. For one, there is absolutely no guarantee that the payment will restore data access. Secondly, much like the refusal to negotiate with terrorists, refusing to pay the ransom discourages criminals from using similar attacks in the future. If victims don’t pay, cybercriminals will realize their attempts at robbery are useless.
In terms of preventing the attack, some researchers have introduced promising options for proactive vaccination. Early Wednesday morning, a Massachusetts researcher from Cybereason claimed that he has a vaccine to protect customers from Bad Rabbit. Following this short series of fool-proof steps will automatically vaccinate your company’s computers, laptops, and other devices, keeping them safe from Bad Rabbit invasion:
As news around Bad Rabbit continues to develop, US business professionals should be on high alert – working deliberately to monitor and protect their business networks. Be wary of Adobe Flash download prompts. Talk to other business professionals to spread the word. If you’re worried you’ve been affected or could be affected, reach out to a local cybersecurity expert for guidance and consultation. When professionals band together proactively, cybercriminals can and will be stopped in their tracks. Until then, stay alert and stay vigilant.