In the last 24 hours, another variant of ransomware has hit the globe. The Bad Rabbit ransomware attack has hit Europe and, according to the ABC, “The attack first shut down operations in Russia and Ukraine before spreading to computers in Romania, the Netherlands, Norway, France, Spain, and Britain”. This attack is likely to hit Australia soon; however, it has a slight twist…
What's different about this attack?
Historically, ransomware has relied on infecting users via email. However, as we become more educated about these attacks, we spot them more easily, and the attackers take new approaches. This latest variant is purposely being installed on compromised legitimate websites, where it asks users to update their Adobe Flash Player (pictured below).
People have been conditioned to be extra vigilant when opening emails but have never experienced this type of attack coming from legitimate websites they have potentially visited hundreds of times in the past.
While the infection itself has not been reported beyond Europe at the moment, the same tactic of infecting users will surely hit the western world in due course.
Here’s what the Bad Rabbit attack looks like:
Because ransomware variants change constantly, antivirus, security patches and other anti-ransomware measures can lag new ransomware releases by a few days.
The best first line of defence will always be user education backed by a solid backup system. Second-line defences come in the form of routine system patching, use of complex passwords and a business-grade spam/AV system.
If you do not currently perform offsite cloud backups, we strongly suggest you consider this, as all current ransomware viruses specifically seek out and attempt to corrupt onsite backups.
If you do perform offsite cloud backups, we suggest you remind your team not to click on any links in emails or on websites that they are unsure of. It will save you some sleepless nights.
If you have any questions or would like to formulate a strategy against ransomware attacks like Bad Rabbit, please contact Netway Networks for a no-obligation discussion.
For more information about this attack, please read the article from Wired.