are the Same.
Get 30 Years of Expertise Immediately.
Fill in the form below and we will get to work right away.
CPU respects your privacy. We will never sell, rent or share to ANYONE. You can trust us.
Earlier this year, a ransomware variant called Petya spread across North America hitting corporate giants like Merck and FedEx. The virus is so serious that some affected companies were faced with the fact that their data was simply not recoverable. In fact, FedEx and other affected companies faced material financial impact in light of the attack. Merck also experienced financial losses of over $275 million, prompting many businesses to take a second look at cybersecurity insurance strategies.
Petya’s Latest Variant: Bad Rabbit Ransomware Starts Rampage With Hits on Russian & Ukrainian Companies
Business owners took notice when Petya first hit the scene, but there’s good reason for professionals to stay on high-alert. Like most malware viruses, Petya has morphed into countless variants overtime. The latest potential Petya variant has been dubbed Bad Rabbit and has already affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city, of Kiev, according to BBC. Even worse, Bad Rabbit Shows no signs of stopping as it spreads rapidly across Russia, Ukraine, Germany and now into North America.
Touching Down in the US: Bad Rabbit Spreads to North America and Has US Department of Homeland Security Taking Notice
Early Wednesday morning, leading anti-virus security company, Avast, reported that the Bad Rabbit virus had made its way to the US. Though specific breach details are difficult to come by, the US Department of Homeland Security (DHS) issued a warning about Bad Rabbit yesterday stating:
“US-CERT has received multiple reports of Bad Rabbit ransomware infections in many countries around the world. This suspected variant of Petya ransomware is malicious software that infects a computer and restricts user access to the infected machine until a ransom is paid to unlock it. US-CERT discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.”
DHS urged individuals and businesses to take notice and be vigilant in the face of this latest malware attack. To combat the threat, DHS is urging IT professionals to review US-CERT Alerts TA16-181A and TA17-132A, each of which describe recent ransomware events.
While cybercriminals can often be hard to track, and prosecute, DHS is urging professionals to recognize the importance of making explicit reports in the case of an attack. The organization asked any potential victims of Bad Rabbit to report ransomware incidents to the Internet Crime Complaint Center (IC3) immediately.
So, How Does It Work? Understanding How the Bad Rabbit Virus Moves in and Takes Company Networks Hostage
Bad Rabbit might sound like a cartoon character but the impacts of this ransomware variant are no laughing matter. The Bad Rabbit virus works swiftly to encrypt the contents of a computer and asks for a payment of 0.05 bitcoins, or about $280 (£213), according to recent reports.
The ransomware masquerades itself as a convincing update for Adobe Flash, and once downloaded it attempts to spread within victims’ networks, according to The Wall Street Journal. In reality of course, the attacks “do not utilize any legitimate Flash Player updates nor are they associated with any known Adobe product vulnerabilities,” warns an Adobe spokeswoman.
In the face of this looming cyber threat, professionals have one question: how can I protect my business from the Bad Rabbit virus? Cyber security professionals across the country have been working to identify concrete ways to prevent the Bad Rabbit virus and help business owners stop the cybercriminals in their tracks. The leading ways to keep your company in the clear are listed below.
1. Vaccinate your Machines: Early Wednesday morning, a Massachusetts researcher from Cybereason, claimed that he has a vaccine to protect customers from Bad Rabbit. Following this short series of fool-proof steps will automatically vaccinate your company’s computers, laptops and other devices, keeping them safe from Bad Rabbit invasion:
Next, Microsoft states that since Bad Rabbit will clear the event logs and create various scheduled tasks under the names Drogon, Rhaegal and Viserion, business owners can monitor their event logs to proactively detect this type of malicious activity.
The key events that business owners should be looking for include:
System administrators can then attach a scheduled task to these events that will run a specified command if the events are detected. This command, for example, could require an email or alert to be sent to an administrator. If these events are detected proactively, they could offer indication that the computer has been scheduled for a shutdown. Microsoft suggests business owners can then abort this process by using the shutdown-a command.
Although most IT providers are committed to providing information and resources that empower business owners to protect themselves, professionals should never have to face overwhelming cyber threats alone. Sometimes reaching out for support is the best way to protect your business and restore peace of mind.
If you’re worried about Bad Rabbit and its ability to take hold of your critical business data and not sure how to best protect your business, reach out to CPU, your Ohio IT experts, for the most proactive cybersecurity support. Whatever you do, don’t wait to fall down the rabbit hole.
Published on 27th October 2017 by Jeanne DeWitt.