Bad Rabbit Ransomware: What You Need to Know

October 25, 2017   //   Secure Your Assets Security,

A new ransomware outbreak has been identified bearing similarities to WannaCry from earlier this year. Dubbed Bad Rabbit, the ransomware appears to have simultaneously infected systems in Russia and Eastern Europe as of Tuesday, October 24. However, it is not yet known how far this malware will spread.

How to Spot a Bad Rabbit Attack

Bad Rabbit spreads through a fake Flash update pop-up that appears on compromised websites. Visitors are told that there is an “Adobe Flash Player” update needed on their computer.

The pop-up prompt looks similar to this:

Bad Rabbit

Once clicked, Bad Rabbit can move across a network via SMB and will encrypt shared files/folders. The criminals behind Bad Rabbit then send their demands and information on how to pay for the decryption password.

How to Protect Your Business

Bad Rabbit is yet another example of the importance of educating users on avoiding social engineering attacks like this. While large-scale attacks make headlines, smaller-scale ransomware attacks occur every day, arguably causing the most damage to small and mid-size organizations.

Understanding the risks your users present to your security is the first step in determining in your security posture. SWC’s security awareness program educates users on what to look for and how to avoid inadvertently exposing sensitive company data.

Our recommended security awareness training follows this general framework:

  1. Assessment & Testing: Simulate real-world social engineering and phishing attacks. These tests will provide a baseline for assessing your users’ ability to spot a potential threat.
  2. Risk Analysis: Review results and determine which areas of the business represent the highest risk.
  3. User Awareness Training: Educate users on how to spot social engineering and phishing attacks, identify red flags, and participate in the threat escalation and mitigation process.

While behavioral training is the first step, it is not the only component that needs to be addressed in a comprehensive security program. SWC’s Information Security Practice works closely with each of our partners to understand the nuances of their organization and optimize our security recommendations to fit the needs of the business. Contact Us to discuss how we can help you build a stronger cybersecurity defense.

SWC has developed a free whitepaper – Phishing for an Unwitting Accomplice – that explores trends surrounding social engineering and phishing attacks, as well as practical steps you can take to secure your sensitive data.

Phishing Security Whitepaper