Bad Rabbit is the latest strain of ransomware. High profile cases earlier this year shut down major organisations and led to criticism of the NHS for their poor security and disaster recovery provision. Now, people may be warier when it comes to clicking on an unexpected file in an email, but hackers have taken this into account and the threat has evolved. The virus appears in the guise of an Adobe Flash Installer – something that anyone who browses the web will be so used to seeing that they may click on it without thinking. Bad Rabbit is taking hold of computers by appearing in disguise, and that is why it’s important for everyone in a team to understand IT security.
The attack has so far been contained to Eastern Europe, where it has done considerable damage to organisations primarily in Russia and Ukraine. It is the third large-scale ransomware attack this year, following on from WannaCry and NotPetya and the use of recognisable solutions such as the Adobe Installer suggest that the hackers are becoming more sophisticated and more determined.
All hackers seek to exploit a weakness within an organisation; in this case insecure websites are being compromised. Someone visiting the site wouldn’t be aware of the malware, but anyone who clicks on the link will find their computer locked and a ransom demand will appear for an average of $280 in Bitcoin with just 40 hours for payments to be made. The good news is that visiting an infected website alone will not cause any damage – the virus is only attached to the operating system once the link has been clicked.
There have yet to be any cases of attacks in the UK according to the National Cyber Security Centre, but the situation is being monitored. Their recommendation is that organisations should make sure all their security updates and software are installed. In addition, we’d advise informing all staff of the potential threat and provide support for anyone who is uncertain about anything that appears on their screen. It’s much better to have someone on hand to ask about any pop-ups rather than clicking and hoping for the best. That’s why we have a team of experts on hand to make sure that your systems are secure. Whether you think you need a refresher course in security, or just want to chat through your concerns, we’re happy to help. The hackers will never stop trying, so if you’re not sure about anything, give us a call.