Just when companies thought it was safe to ease up on their cyber security alertness, ransomware has come back with a vengeance. After successive malware campaigns brought about by the likes of Petya, WannaCry and Locky, businesses across the globe probably had their fill of ransomware for one year. Unfortunately, cyber crime doesn’t take a holiday, and yet another recent ransomware attack has wreaked havoc across Europe. The culprit: Bad Rabbit.
Recent ransomware attack all too familiar
It may sound cute and cuddly, but make no mistake, Bad Rabbit poses a very real and present danger to the integrity of sensitive data. Unlike September 2017’s Locky scare, which caused some debate about whether or not the threat could truly be considered ransomware, Bad Rabbit leaves no doubt. As ZDNet explained, victims reported receiving very clear ransom notes upon infection as well as a countdown timer for payment. Once the timer reaches zero, the message threatens to increase the ransom amount.
“Bad Rabbit poses a very real and present danger.”
Like any other ransomware threat, it’s not entirely clear what victims can expect if they agree to pay up. There’s no reason to believe Bad Rabbit’s perpetrators will ever honor their arrangement to release encrypted data.
Bad Rabbit heavily targets employees
Although most of the reported targets have come from Russia and Eastern Europe, Bad Rabbit has spread its reach into Asia and other corners of the globe as well. It’s important to remember that there’s no such thing as a completely localized threat, and regardless of where an attack happens, businesses across the world need to be on guard.
Organizational leaders need to be especially mindful of the threat posed by Bad Rabbit as the ransomware has reportedly used watering hole attacks to target business employees and spread to new victims. According to We Live Security, the culprits compromised several popular websites and leveraged drive-by download tactics to infect users’ machines. If the target trusts the site enough to agree to download and install the resulting malware, Bad Rabbit will completely lock down their computer or device.
What you can do to protect yourself
The cyber security community is hard at work finding a solution to this problem, and may have already found a way to safeguard against infection. By blocking the execution of these files, would-be victims can stave off the attack:
As always, cyber security experts recommend refusing payment as it only further emboldens data criminals to continue their ransomware campaigns. That can be a bitter pill to swallow, but if your organization has comprehensive backups and data recovery solutions in place, the impact will be minimized.
Adhering to cyber security best practices is always the best defense against any type of cyber attack. In many cases like Bad Rabbit, cyber criminals will try to use your employees against you. Data security solutions can help instill diligent security posture across your entire organization and close up potential vulnerabilities.