Bad Rabbit Serves as a Multi-Layer Warning

A new form of ransomware and has crippled multiple websites and mass transit outlets.

Called Bad Rabbit, this ransomware appears to be a variant on the well-known Petya ransomware that wreaked widespread havoc earlier this year. As with many other forms of ransomware, this one encrypts all of your files on your hard drive.  The only way to unlock your content is to pay the ransom in Bitcoin—Bad Rabbit’s hackers are demanding roughly $300US—to receive the unencryption key. Once you type in that specific code, it supposedly unlocks your computer.

Obviously, there’s no guarantee that paying the ransom will do anything to retrieve your files, which is why the US Department of Homeland Security urges victims not to bother paying the fine.

There are some important takeaways from this and any other similar attack, mainly stemming from preventing the infection from infecting your computer in the first place:

1. Make sure your antivirus (AV) software is up-to-date

In this particular case, AV software does not yet seem to recognize Bad Rabbit, so it’s certainly not an attempt to blame victims for not installing safety net software. However, this is precisely what AV developers do: they issue an update when new threats are found. Failing to install the update, though, does leave you at risk, so it’s essential to update your AV software, your web browser, your operating system, or any other critical software whenever a patch is issued.

2. Only install updates from trusted sources

Bad Rabbit seems to have an isolated mechanism for installation. You go to a website (that you don’t realize has been infected) and you try to watch a video or download something you need. A message tells you that your Adobe Flash Player is out of date, and to click the link to install the latest version. And that’s how they get you! That link wasn’t Flash Player, but rather Bad Instead, try this and make it a permanent good habit: if you’re ever directed to install an update, open a brand-new window in your browser and go directly to the verified source, such as Adobe’s own website. Once you’ve downloaded the genuine update, come back to that first window and try again. If the content was real and actually needed an updated version of Flash in order to play, it will now work; if it still says you need to update Flash, something fishy is going on. Get out of there immediately.

3. Back up everything you care about on an external hard drive

For most individuals, a ransomware attack is an upheaval, maybe even a major Back up everything you want to keep—like family photos, tax documents or important papers—on an external hard drive. That way, a ransomware attack just means the expense of a new computer, and let’s face it, you can pay the hackers or you can pay about the same amount to buy yourself a new device. Of course, if your company is attacked, the consequences can be much more severe, which is all the more reason to back up your files on an external hard drive, cloud-based server, or another similar secure method.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: What’s Hiding on Your Credit Report?

Pin It

 

ITRC Sponsors and Supporters 

 

 

 

 

Go to top

 

The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.