The National Cyber Security Centre is reporting this week on “Bad Rabbit,” a new strain of ransomware.
Bad Rabbit infections were detected in Russia and Ukraine earlier in the week, with additional reports noting that infections had spread to Germany, Poland, Turkey, Bulgaria, Japan, South Korea, and the United States. While the NCSC has not yet detected any Bad Rabbit infections in the UK, it’s surely just a matter of time.
The Bad Rabbit ransomware is posing as a phony Adobe Flash Player installer. You won’t know it’s phony as it’s posted on a website that has been hacked. Once a user runs the installer, it infects that computer and then uses a tool to start searching for stored login credentials it can use to spread to other computers on the network. Once the Bad Rabbit ransomware reaches full saturation, having infected all computers on the network, it then encrypts all files, making them inaccessible, and posts a ransom note to the victim ordering them to pay approximately £213.
What do you need to know to try and avoid this and other ransomware?
- Disable Adobe Flash Player if you have it. Don’t install or update anything that looks like Adobe Flash Player; ignore any prompts to do so.
- Make sure your data is backed up properly. Your IT providers can restore all encrypted files without you having to pay the ransom.
- Be cautious of unexpected emails. Don’t click on any links or open any attachments if they look suspicious or if it comes from an unknown source.
If you have any questions or concerns about this ransomware or about your network security, please give our office a call.