As a small-business owner, you’ll often find yourself going down rabbit holes. Some can be solved with a little bit of elbow grease, but others can turn out to be a never-ending battle if ventured into without caution and a strategic plan of action. Unfortunately, Bad Rabbit falls under the latter.
While this ransomware takes its name from an adorable little creature, what it’s capable of is anything but cute. In fact, “bad” would be an understatement.
What do we know about Bad Rabbit?
Bad Rabbit is a strain of ransomware which spreads via web traffic from compromised websites. It poses as an Adobe update that prompts users to download a file called “install_flash_player.exe.” Once downloaded, Bad Rabbit will lock down the infected computers and demand 0.05 bitcoin (approximately $238) for files to be released.
Bad Rabbit has already hopped into numerous Russian media companies like Interfax and Fontanka; as well as transportation targets in Ukraine, including Odessa’s airport, Kiev’s subway, and the Ministry of Infrastructure. Attacks have also been reported in Germany, Poland, Bulgaria, Turkey, Japan, South Korea, and the U.S.A.
Ties to previous attack
According to cybersecurity firm Kaspersky Lab, Bad Rabbit’s method for attacking corporate networks is very similar to NotPetya, a major international ransomware outbreak from earlier in 2017. This is because Bad Rabbit was launched meticulously through a network of hacked websites, some of which link to NotPetya.
This was no coincidence; Kaspersky later confirmed, after thorough analysis of Bad Rabbit’s encryption algorithm, that the ransomware is in fact a modified version of NotPetya.
What does this mean for SMBs?
Apart from its ability to encrypt files, Bad Rabbit also has a module that allows it to spread easily and rapidly. After gaining access to a computer, it will scan the entire corporate network for open directories such as browser, admin, event log, and net logon.
Then, it will collect logins and passwords on the infected computer and use them to access other computers and steal confidential data.
How to protect your business
First and foremost, you should never download apps or software from pop-up advertisements that aren’t from legitimate software companies. Luckily, most advanced antivirus software can detect Bad Rabbit and protect your machines from being infected.
But the moral of the story is that more and more hackers are using sophisticated ransomware to extort money; NotPetya and Wannacry were two previous examples that Bad Rabbit has followed. To protect your business from any future ransomware attacks, you need to consider advanced data backup and unified threat management solutions.
At PC LAN TECHS, we understand that keeping up with security is a complex task. Our certified technicians have extensive cybersecurity experience and can advise the best possible ways to protect all your networks and devices without breaking the bank. Don’t wait for the worst to befall you. Protect what you’ve worked so hard to build, starting today.