Bad Rabbit – Another day another threat

Once again, we are bracing ourselves for the potential of a world-wide spread of a malicious malware product.  So far mostly confined to Russia and the Ukraine, this ransomware, affectionately known as Bad Rabbit, is sweeping through systems in those countries, causing havoc.  It’s only a matter of time before we see it closer to home. US officials said they had “received multiple reports of Bad Rabbit ransomware infections in many countries around the world”.

So, what is it? This year has seen an escalation of ransomware globally, with computers being encrypted and only when a ransom is paid, are the computers (or data) rendered usable again.  WannaCry made the headlines in May as it swept the globe, soon followed by the NotPetya strain of the same virus (yes, strain).  And now we have Bad Rabbit.

Initially Bad Rabbit was thought to be something new entirely, which created quite a stir in IT security.  However, as the code has been dissected, it is now known that it is a relative of the previous two (WannaCry and NotPetya) this year.  It was predicted back in May that this would happen, that many strains and versions of the malware would follow.

The origins of the code and who’s behind it is widely debated and from an end-user’s point of view, is largely irrelevant.  All you need to know is how to avoid it.

  • Do not run Adobe Flash updates – The most common vector of transmission is via Adobe Flash updates. These come up when you are on a website and a pop up might ask you to update your Flash product to view something. As soon as you click ok, the software downloads to your PC and begins the encryption process.  Simply put – do not update Adobe Flash.  In fact, as known security vulnerability, it’s advisable to remove the product entirely if you have no need of it.
  • Have up to date Security software on your PC – At BITS we are resellers of ESET security products and we are happy to say, that our clients are safe from this attack because the latest security updates can deal with this threat.
  • Have good back-ups – If you are unlucky enough to get caught with this threat, you won’t have a thing to worry about, once you have a back-up you can recover from.
  • Be click-ware – this software needs you to click a link or download something. The end user must engage in some way for the virus to make its way onto your computer.  If you are vigilant when on-line or using email, you will avoid a lot of trouble for yourself.
  • Do not engage with unsolicited contact – In this particular case, email is, for once, not culpable. However, it’s never a guarantee and all vectors of transmission cannot be known.  Maintain good email behaviour.

If you or any of your colleagues have any concerns or think you may have unwittingly downloaded something malicious, please feel free to contact us at [email protected] or call 056-7786882