Protect your data from Ransomware attack with Alliance Pro security services
Bad Rabbit Ransomware: The Latest Attack
What Is Bad Rabbit Ransomware?
A new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread
throughout the day. It first was found after attacking Russian media outlets and large
organizations in the Ukraine, and has found its way into Western Europe and the United States.
The initial installer masquerades as a Flash update but is believed to be an updated version of
NotPetya, since the infection chain and component usage is identical. Interestingly, this malware
contains a list of hardcoded Windows credentials, most likely to brute force entry into devices on
the network. According to Alliance Pro Capture Labs Threat researchers, Bad Rabbit spreads
using the SMB protocol within Windows. We should think of it as a bug fix maintenance release
of NotPetya (within Eternal Blue method of propagation removed). The purpose of using the
SMB protocol is to spread laterally across an organization.
How Can Alliance Pro Experts Stop Ransomware Like Bad Rabbit?
All Firewall & Network security customers should immediately ensure they have the Capture
Advanced Threat Protection sandbox service turned on with their next-generation firewalls, and
have the Block Until Verdict feature activated. For Bad Rabbit, there is no need to manually
update the signatures on your network firewalls, as they are automatically propagated to the
worldwide installed base upon deployment.
General recommendations for everybody, regardless of their security vendor, include:
- Apply all patches to operating systems
- Protect endpoints with an up-to- date anti-virus solution
- Promote good password hygiene policies
- Ensure firewall and end point firmware is current
- Implement a network sandbox to discover and mitigate new threats
- Deploy a next-generation firewall with a gateway security subscription to stop known threats.
Firewall/Network security solution:
Alliance Pro IT has providing Firewall/Network security solutions India, we are certified partners and
authorized reseller of leading Firewall/Network security soft wares like SonicWALL, Barracuda, Fortinet,