Btech is continuing to follow and investigate the latest ransomware attack known as Bad Rabbit.
What is it?
"On Tuesday, Oct. 24, a new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It first was found after attacking Russian media outlets and large organizations in the Ukraine.
The initial installer masquerades as a Flash update. Interestingly, this malware contains a list of hardcoded Windows credentials, most likely to brute force entry into devices on the network, according to SonicWall Capture Labs Threat researchers."
How do you protect yourself and your credit union?
This attack is another reminder that IT security is critical. The key components that would help to mitigate the risk associated with an attack like Bad Rabbit include:
Perimeter Security - A next-generation firewall that performs deep-packet inspection and uses a subscription license to identify the latest threats would reduce the risk of the malware entering a credit union network.
Btech clients that use the Btech managed firewall service based on SonicWall are protected by signatures SonicWall Capture Labs has released specifically to protect against the Bad Rabbit malware.
Email Security - An email security system that scans all email for viruses, malware, and spam would identify the malware attachment and reduce the risk of an end user infecting their computer with the malware.
Btech clients that use the Btech email security service based on Proofpoint would have had the risk of a malware attachment in an email distributed to an end user significantly reduced.
Desktop Security - A managed antivirus solution with detailed reporting and alerts to identify at-risk computers would reduce the risk of a computer being infected by the malware.
Btech clients that use the Btech managed Trend Micro service would be protected from this ransomware attack by Trend Micro's Predictive Machine Learning and XGen Security.
Patch Management - A patch management solution ensures that the latest patches are distributed and installed, to reduce the risk of exploits like the Bad Rabbit malware.
Vulnerability Assessment - A vulnerability assessment scan could identify those computers that have already been infected and prevent propagation to further systems.
As of today, October 25, 2017, "SonicWall Capture Labs has released signatures to protect against Bad Rabbit malware that are available for anyone with an active Gateway Security subscription (GAV/IPS). In addition, SonicWall Capture Advanced Threat Protection (ATP) sandboxing service is designed to provide real-time protection against new strains of malware even before signatures are available on the firewall."
This is another reminder that excellent IT security is a must for your credit union. As identified above, multiple layers of security are necessary to identify, correct, and protect against the vulnerabilities that are exploited by attacks like Bad Rabbit.
Please feel free to contact me at leebird@btechonline.com or 626-397-1045 if you have any questions, or if we can help in any way.