Watch out. A rampaging variant of malware known as Bad Rabbit is potentially threatening the UK. But what is this latest cyber attack risk and how can businesses ensure they avoid becoming one of its victims?
Bad Rabbit follows hot on the heels of WannaCry and Petya and the even more toxic variant of the latter, NotPetya. So far, it is Russia and Eastern Europe that have been most affected, with numerous businesses having their systems wiped out, including media outlets, an airport in Ukraine and a metro station.
In the case of Bad Rabbit, it appears large corporations have been the target, but with malware, smaller organisations are frequently impacted too.
Documents, spreadsheets and presentations are suddenly locked and all that remains is the ransomware demand. For Bad Rabbit, payment of 0.05 bitcoins – about £284 – is sought in return for a decryption key. Except that there are no guarantees this will even be sent.
To pay or not to pay?
Authorities will warn against paying the ransom. But there is no doubt that if there are no back-ups, some may feel it is a gamble worth taking. There are certainly examples of where companies have paid up and received a decryption key – but also others where they did not.
There were reports that the WannaCry ransomware payment system was flawed, for example, as it is understood it was difficult for the perpetrators to work out who had paid up.
Paying sends a message to criminals that they have succeeded. Beyond that, it is hard to know what percentage of those who pay do get the key, since few businesses want to admit to paying or, indeed, to having been affected in the first place.
A combination of strategies, if followed correctly, means that a ransomware attack becomes increasingly unlikely. Firstly, employees need to be kept up to date on the changing nature of attacks – for example, malware is usually downloaded because someone clicks on an email link, but in the case of Bad Rabbit, it was downloaded via a bogus Adobe Flash Player update.
Real Flash Player updates do not pop up on random website pages, and if the site is not adobe.com then warning bells should be ringing.
The coding may be sophisticated, but the means of installation are not – it’s all about trickery and all too often, someone who is either unaware, under pressure or distracted will make the disastrous error.
Back up basics
Simply having valuable files on the hard drive is a recipe for disaster, so these should be backed up to an external hard drive and in particular, the cloud. There is now a consensus of opinion from security experts that cloud storage is far safer than legacy systems. Yet still some businesses believe otherwise, even though they are acting in a way similar to someone hiding money under their mattress rather than in the bank.
Indeed, while incidents have occurred within businesses using the cloud, this invariably happened because an employee clicked on a phishing link, a third party had unauthorised access to the network or they had not updated their anti-virus software.
Cloud providers have the infrastructure to keep data safe 24 hours a day and will have more resources in terms of expert people and budget than most businesses. They are focused on security and have multi-layered encryption in addition to constantly scanning for threats – they invest heavily because their reputation depends on it.
When Bad Rabbit fades into history, there will be many others to take its place. Let us hope the UK escapes unscathed this time around, but there is no doubt another attack close to home will materialise, so there is no time like the present to take preventative action.