Do you have a secure network and computers? Are you sure?

The IT world is being rocked by the new bad rabbit blackmail worm. It has even managed to infect major institutions such as the media, airports and subways! Are you sure your network, computers and company data are safe? Starting next year, you will not only face a fine, but also very fat penalties under the GDPR data protection and possible misuse regulations.

Russia, Ukraine, Germany and Turkey have been hit by a new cyber attack using ransomware. Ransomware called Bad Rabbit encrypted the computers of some media or transport companies and demanded a ransom to unblock them.

Among the most affected are the Kiev metro and Odessa International Airport. But infections have also been reported from Bulgaria, Japan, Turkey and Germany.

According to the US security agency US-CERT, it appears to be a new variant of the Petya ransomware that spread in Russia and Ukraine in May and June this year.

The ransomware appears to have entered computers through compromised websites of some Russian media outlets (watering hole attack).The devices of the Russian news agency Interfax were affected, but also, for example, the information system of the airport in Odessa, Ukraine, and the payment system of the Kiev metro.

The worm spreads via a fake update for Flash Player "The malware gets into the device by the user downloading and running it, thinking it is an update to the popular Flash Player tool," said a Cisco representative. "Users who visit the infected website are presented with an update window with Remind later and Install options. But both options lead to infection."

The incidence in the Czech Republic is still in units of cases, but it is developing quite dynamically, we continue to monitor everything," said Zuzana Zahorova, media representative of the antivirus company Sophos.

Bad Rabbit is trying to gain admin rights to the system. If the user does not have administrator rights, the program tries several common passwords.

Kaspersky Lab said that Bad Rabbit is a targeted attack similar to the Petya (exPetr) and WannaCry viruses that forced the temporary closure of a number of hospitals, factories and businesses around the world some time ago. Bad Rabbit blocked the affected devices and demanded a ransom in the virtual currency bitcoin for their release.

It's important to have a perfectly secure network and use precautionary measures. Block suspicious content and prevent it from entering the company and potentially encrypting data and then extorting it. At Railsformers we offer you a network security audit, i.e. checking how your network is currently doing and also outsourcing the network management, so you leave the responsibility for security to us and you will have a peaceful sleep again!

Source: https://technet.idnes.cz