by Asher DeMetz
Another ransomware attack made its way across the globe this week. Bad Rabbit started spreading across Russia and Eastern Europe on Oct. 24, and was detected in Germany, Japan, and the U.S. It never should have made it that far.
The ransomware came from hacked websites, where a pop-up window encouraged users to update Adobe Flash. Once inside a system, it spread laterally across networks using a standard list of weak passwords.
For now, it looks like the attack is over. But just like WannaCry, Petya/NotPetya, and every other ransom attack before them, Bad Rabbit never should have spread in the first place.
A quality proxy with filtering would have stopped users from connecting to the hacked sites, some of which had been compromised for months. Security awareness training may have made users think twice before installing updates that weren’t from a verified source. A solid credential-management program would have slowed Bad Rabbit’s propagation across networks.
Ransomware is easy to avoid with the right strategies. Now’s a good time to review your own. Do you have all of the following in place, updated, tested, and ready to go?
These are essential areas of any info sec program. If you take your security seriously, you’ll have already implemented them. If you haven’t, now’s a good time to start filling any gaps.
Ransomware like Bad Rabbit will always be a threat. With the right strategy, however, it’s easily avoidable.