New Ransomware attack: Bad Rabbit outbreak following WannaCry and Petya attacks

What is Bad Rabbit Ransomware?

Bad Rabbit is the latest strain of malicious malware to hit organisations following a number of big Ransomware attacks earlier this year. It is reported that Bad Rabbit has infected organisations in Russia, Germany and Turkey.

Bad Rabbit Ransomware is a form of malware that can deny a company access to its own data. The cyber criminals behind Bad Rabbit encrypt the information on your network and ask for money (usually in the form of Bitcoin) in return for a code that will return your data. Many organisations across the globe have fallen victim to Ransomware and had their valuable business data locked down and held to ransom. 

What kind of businesses does Ransomware target?

The NHS was hit earlier this year with a Ransomware attack named WannaCry that devastated the organisation and put lives at risk. High-profile names frequently hit the headlines for being the targets of these Ransomware attacks, but experts warn that cyber criminals don’t discriminate when it comes to the size of a business. The banking and healthcare sectors are a real sweet spot for these attacks due to outdated systems and access to large funds to hand over as ransom. Though this certainly doesn’t rule out SMEs and individuals who have been targeted and hit with this attack.

Cyber criminals will also target companies who aren’t aware or informed when it comes to IT security and the threat Ransomware poses. The organisations who perhaps don’t put a priority on securing their data make themselves a target as their systems are more likely to be vulnerable and open to attack. 

When did Ransomware begin?

Ransomware has been around for a while but only highly publicised in the last few years following a spate of high-profile attacks. The first known Ransomware attack occurred in 1989 and was orchestrated by Joseph Popp, an AIDS researcher who supplied 20,000 floppy disks to other AIDS researchers across more than 90 countries. It was claimed that the content was a programme that analysed the risk of contracting HIV using a questionnaire.

This was a clever disguise devised to infiltrate. It was later discovered these discs contained a malware that sat dormant on each machine until the PC was powered on 90 times. As the machine was switched on for the 90^th time the user was denied access to their systems and a message appeared demanding payment. This Ransomware attack was later aptly named AIDS Trojan. 

How do you get rid of Ransomware?

The key to ‘removing’ Ransomware is not removal at all, rather businesses should put measures in place to prevent an attack in the first place. Experts advise not to pay the ransom to cyber criminals, by paying you’re encouraging further attacks as cyber criminals will consider the attack effective if you give in to their demands. In addition to this it’s widely reported that there is no guarantee you will get your data back if you give in and pay the ransom. 

How do you stop Ransomware?

Patch and update your software – TSG’s SystemCare takes care of this in the background without our customers even knowing. Patching and updating your systems isn’t widely regarded as the ‘sexiest’ Ransomware drop kick, however it’s something that could have potentially saved many of the more high-profile attacks that took place earlier this year.

Back up your data – by utilising a solution such as Datto, a leading cloud-based disaster recovery solution that keeps a back up of your data should a disaster like a Ransomware attack occur. Datto also underpins your business continuity strategy, in the event of a flood or fire all your business data is safe and accessible.

Protect your data – Adopting a solution such as Sophos Intercept X allows your organisation to protect valuable data from hackers. Intercept X stops Ransomware in its tracks, it offers a next generation Ransomware protection for organisations of all sizes.

Increase employee awareness – Sophos Phish Threat allows you to simulate a Ransomware attack delivered by email, this allows you to gauge how much your workforce knows about the threats cyber criminals pose and offer training to those who need it.

We understand that although many businesses put a priority on securing their data they also have a business to grow. That’s why organisations put their trust into managed service providers such as TSG who can take care of IT for you.