Complex Made Simple

Meet Bad Rabbit. He can destroy your company in just a few steps

Among the dangers that destabilize nature is an overpopulation of rabbits, prolific in producing progenies. Today, there is a “Bad Rabbit” threatening to destabilize global businesses.

First, it was NotPetya and Wannacry, who caused mayhem and financial distress to public and private sector enterprises. Bad Rabbit, posing as an Adobe update or Flash installer, is now locking computers with a digital key and threatening a complete shutdown of company files, if monies (crypto coins) are not paid.

“It’s unclear who’s behind Bad Rabbit, but the attackers appear to be “Game of Thrones” fans. The ransomware code contains references to characters from the popular book and TV series, like Grey Worm and Daenerys’ dragons,” said CNN Tech.

The good thing about Rabbit is that it doesn’t install until users click on “costume-wearing” malware, which is less sophisticated that its predecessors, also revealing the fact that these guys are likely amateurs, but nonetheless, what they created is dangerous.

So far, affected regions are the US, Russia, Japan and Germany, but the net is expanding, according to experts.

CNN Tech reported recently the US Computer Emergency Readiness Team as saying that it “received multiple reports of ransomware infections in many countries around the world.”

Read: 7 essential steps to be cyber security aware

Steven Malone, Director of Security Product Management, Mimecast, told AMEinfo:

“Ransomware season is open and initial analysis shows this to be another variant of ExPetr/Petya, the malware that affected businesses globally just a few months ago and which uses the same SMB flaws to spread laterally once inside a network.”

“Global companies must look inward and ask themselves – ‘Have I done enough?  Did we patch our systems after Petya? the answer to these questions is very likely no, so once again, brace for further widespread outbreaks”

Costs incurred on Middle East organizations

The average Middle East organization faces high risks of ransomware attacks, which could cost nearly $1 million, a study by Dell EMC, a member of Dell technologies, revealed.

Worldwide, 30 per cent of companies have had ransomware infections, causing massive costs in sales and productivity, according to a recent survey by cyber security software provider Imperva. Data loss costs an average business $914,000.

Read: What’s the cost of ransomware attacks on Middle East businesses?

The service sector is at the highest risk of ransomware attacks, bearing the burden of 38 per cent of total attacks, according to a recent report by American software company Symantec.

According to a 2016 PwC report, only 37 per cent of Middle East businesses surveyed have a comprehensive security and training awareness program against a global average of 53. Furthermore, only 32 per cent of Middle East organizations require their employees to complete training on privacy policies and practices (compared with 55 per cent globally).

DDos attacks

Organizations are experiencing an increase in the magnitude of DDoS attacks, with the average size of attacks over 50 Gbps quadrupling in just two years, according to a recent report released from A10 Networks, a secure application services company.

Short for Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems are used to target a single system causing a Denial of Service (DoS).

The study also found that the 1 Tbps attacks that started last year with the Mirai botnet had begun to leave their mark, with 42 per cent of organizations reporting an average size of DDoS attacks greater than 50 Gbps, a significant increase from 2015, when only ten per cent of attacks were above that size.

Read: REVEALED: The one industry that’s key target for cyber criminals

“Multi-vector DDoS attacks continue to increase and assault networks and applications at a rapid pace, which found the percentage of organizations that experienced between 6 to 25 attacks per year has increased from 14 per cent in 2015 to 57 per cent in 2017, said the report.

“74 per cent of respondents say their DDoS budgets are increasing, compared to 54 per cent two years ago.”