"Bad Rabbit" Ransomware on the Loose

Russian cybersecurity firm Kaspersky Labs identified a new strain of ransomware attack recently circulating the internet, being dubbed as “Bad Rabbit”. It is reportedly targeting both organizations and consumers with approximately 200 victims already affected.

For those uninformed, ransomware is a form of malicious software infection that encrypts or sabotages the target victim’s files, then demands a ransom through specific payment methods to remedy the issue. Cybersecurity analysts have identified that Bad Rabbit operates like typical ransomware, encrypting files and requesting a payment of 0.05 bitcoin ($281 US.). Bad Rabbit is also constrained with a time-limit of approximately 40 hours before the ransom price increases.

Research has shown that 38% of consumer victims have been paying ransoms in the range of $100 to $500 US in hope of retrieving their data. This indicates that enough isn’t being done to inform and protect consumers from these types of threats. Typical news outlets neither report them, inform, nor warn consumers of it with

For those worried about contracting ransomware, there are three general rules to apply:

1. Be careful. Avoid any suspicious links, authentication requests and strange email accounts. Social engineering is still a primary method of exploiting gullible users.
   
   
2. Apply security patches. More and more vulnerabilities are being discovered on a daily basis as well as exploitations to take advantage of it. Ensuring that all operating systems and applications are up-to-date will provide an initial perimeter defense to ensure all systems are protected.
   
   
3. Install protection. Anti-Malware / Anti-Virus software can now capably protect against these types of threats, even Microsoft has embedded ransomware security into their latest Windows 10 updates (it needs to be manually activated however).
   
   

In addition to these three pieces of advice, another suggestion is to make backup copies of all valuable data to multiple devices (preferably unconnected), or make use of cloud storage services. I haven't encountered anyone who's personal information was affected by ransomware, however there have been numerous incidents in the organisation I work in. Have you or anyone you know been affected by any ransomware? What are your thoughts on the subject? Leave a comment below.