Bad Rabbit Ransomware Attacks Highlight Risk of Propagating Malware Outbreaks

On Tuesday morning, Oct. 24, 2017, organizations in Russia and Ukraine reported being hit with a ransomware outbreak that paralyzed their operations. Sporadic cases were also recorded in Turkey, Germany, Bulgaria and Japan, according to reports from different sources.

The malware, self-titled Bad Rabbit, is a ransomware code designed to encrypt and lock files on endpoints, then demand payment for their release. Bad Rabbit is also the name of a Dark Web site where victims are led to pay to have their files unlocked.

At the time of this writing, Bad Rabbit is understood to have mostly hit organizations in Russia. More specifically, it is breaking out on media outlets in the country. In statements delivered by some of the affected entities, it was reported that servers were down due to the ongoing attack.

In Ukraine, the attack hit critical infrastructure organizations in the transport sector. One of the victims is the Odessa airport, which is located in the third-largest city in the country, causing flight delays due to manual processing of passenger data. Ukraine also saw its subway system affected, causing payment delays on customer service terminals, although trains continued to run normally.

Bad Rabbit is the third disruptive ransomware outbreak this year, following the WannaCry and NotPetyaworms that affected numerous organizations in the second quarter of 2017. That being said, Bad Rabbit’s propagation technique is not based on the same exploits, which may make it easier to contain overall.

Continue reading this piece here.