Last week, security experts revealed a nasty new global ransomware attack: Bad Rabbit. But this is no Halloween trick — Bad Rabbit appears to be a variation of the WannaCry and Petya attacks, which infected hundreds of thousands of computers earlier this year and disrupted day-to-day operations for businesses around the globe.
So far, the extent of Bad Rabbit’s damage looks to be contained in Eastern Europe, with Russia serving as the biggest target. Other incidents were reported in Ukraine, Turkey, Germany, Poland, and South Korea, and United States security experts are on high alert to identify and contain any spread to North America.
Similar to so many past attacks, victims of Bad Rabbit were prompted a sinister-looking ransom note alerting them that their files were “no longer accessible.” Then, a large timer that starts counting down from approximately 40 hours ransom is displayed alongside a demand for payment in Bitcoin currency. Beyond that, some security researchers have discovered screens showing illicit Windows tasks activated by the virus that use the names Drogon and Rhaegal, references from the popular Game of Thrones TV series.
The source of the ransomware infection? Many experts point to infected websites that display fake Adobe Flash update prompts, similar to past exploits. Meanwhile, others point out that Bad Rabbit could arrive via infected links or files, as so many phishing scams have done in recent months. Either way, one inadvertent click is all it takes to lead to complete encryption of data on local hard drives and network-connected devices — this virus can take over your computer and turn into a Halloween nightmare, without user interaction or human error beyond the initial click. However, experts have indicated that so far it appears Bad Rabbit is attacking specific targets, rather than spreading like wildfire the way WannaCry did.
So far, many free anti-virus programs have not been able to detect Bad Rabbit or stop its spread. But reports indicate that users who have been infected by the ransomware attack may not have installed a security patch that was released earlier this spring by Microsoft. Which means that a proactive monitoring and maintenance solution like the one CMIT Solutions uses could protect your vital systems and critical data from this major cybersecurity threat.
In addition, the only surefire way to protect computers and the information they store from ransomware attacks is with automatic, remote data backup and recovery. This allows you to roll back to an uninfected machine and restore unencrypted data if you do become infected.
This Halloween, if you’re plagued by IT horrors, haunted by cybersecurity threats, or disturbed by devastating downtime, CMIT Solutions can help. With multi-layered protection, network security, proactive monitoring, and secure data storage, we can help you keep your systems safe, your data secure, and your day-to-day operations up and running. Want to keep your office from turning into a horror movie this Halloween? Contact CMIT Solutions today.