Cybersecurity: Yes, Some Rabbits are Bad

Lisa Sullivan

Twitter | Email

Published on 11-10-2017

Categories: Articles

cyber security

Our Information Security Officer, Daniel Burgins, is regularly sharing articles about a widespread or emerging information security risk with our staff. He explains what the threat is, how to recognize it, and steps we can take to minimize our risk both at Coastal and at home. We thought the information was so helpful that we wanted to share with you, our readers. In this first installment, he explored Bad Rabbit Attacks.

One of the most recent Cyber security attacks is referred to as “Bad Rabbit”. Bad Rabbit is the latest ransomware attack that has currently compromised systems across Eastern Europe. Moscow’s cybersecurity firm has also reported that a number of major media companies were affected by this attack.

How the attack spreads

The Bad Rabbit attack spreads by encrypting files on hard drives through insecure websites, and asks for ransom in order to retrieve the company’s compromised data back. The malware is disguised as an Adobe Flash installer. When a user clicks of the file, it starts locking the infected computer. The Flash download has been installed on websites using JavaScript injected into the Java or HTML files of the affected websites. The malware isn't installed automatically, which means it has to be clicked on to work.

Security professionals are researching to determine if this attack originated from previous ransomware attacks such as Wannacry and NotPetya. There have not been any confirmed reports of infiltration from US organizations.

What can you do?

In order to protect your own sensitive data, don’t click on unknown and unauthorized websites. Also, don’t download unauthorized software to your computer. When in doubt, just don’t do anything. If you have any doubts, seek an experience computer professional to assist you.

Tell us what you think!