13th Nov 2017
The economies worldwide are increasingly progressing towards digitalization with large number of business organizations marking their online presence. Everything and almost anything is there on the web which had made businesses more prone to cyber security threats. No industry seems to be immune, which is clearly evident in reports of Kaspersky Lab that states that every 40 seconds a company is hit by a ransomware.
Bad Rabbit is the latest of all and has hit over 200 organizations and consumers all across Russia, Bulgaria, Turkey as well as some parts of Europe. It started off on October 24 and has mainly targeted news and media websites. However, the real name of bad rabbit is Diskcoder.d and the malware is quite similar to Petya which was caused by Diskcoder.c.
How Does It Spread –
The malware enters the user’s network when the user installs Adobe Flash Player from a website that is hacked. Soon after the fake flash installer corrupted with malicious malware is run on the system and all files are encrypted.
A ransom note then appears on their screens and the users are asked to pay 0.05 bitcoins within 41 hours to get the decryption key. If the payment is not made on time, then the ransom amount increases and the user is forced to pay more.
Also the hackers behind Bad Rabbit seem to have great interest in Games Of Thrones as one can find trails of Viserion, Rhaegal, Drogon and the other characters based on the servies in the code. Also they select their targets and infect only intended systems.
How To Protect Yourself –
- Create Shadow Copies – It is possible to recover the files if the shadow copies exist, as the malware does not delete or encrypt them. The files can be recovered through 3rd party utilities or by using Standard Windows Mechanism.
- Password Protection – Do not use too simple usernames and passwords as they pose a serious threat to cyber security.
- Software – Ensure that you have Windows Security Bulletins installed on your system.
- File Extension – To save themselves from the malware users must block the execution of the file ‘c: \ windows \ infpub.dat, C: \ Windows \ cscc.dat.’
- Anti-Virus – Install Anti- virus that can protect you against such malevolent malwares.
- Back Ups – It is important to maintain back-up of all your important files which can be kept either offline or online. Also make sure that you update your systems every now and then.
- Download From Trusted Sources – Do not execute or download any updates from an untrusted source. Often the ransomware is disguised as an Adobe Flash update but is actually a malware which is injected in the user’s system when once it is downloaded.
- Restrict User Privileges – Grant minimum user privileges and give administrator rights to trusted employees only.
It is advisable to take necessary preventive steps well in advance to avoid such cyber-attacks at the first place.
We at Centex Technologies, provide complete IT Infrastructure Security Solutions to Corporates. For details, call Us at (254) 213-4740 .