Don’t Follow Bad Rabbit Down the Ransomware Hole

Don’t Follow Bad Rabbit Down the Ransomware Hole

October 30

Last week we saw another high-profile widespread ransomware attack: Bad Rabbit. It has hit more than 200 major organizations primarily in Russia, Ukraine, Turkey, Germany, and potentially other countries across the globe.

According to Wired UK:

The Bad Rabbit ransomware spreads through “drive-by attacks” where insecure websites are compromised. “While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure,” according to analysis by Kaspersky Labs. In this instance, the malware is disguised as an Adobe Flash installer. When the innocent-looking file is opened it starts locking the infected computer.

However, the malware isn’t installed automatically. It has to be clicked on to work. When a user clicks on the malicious installer—which is highly probable given the number of Flash updates regularly issued—his or her computer locks.

Illustration of bad rabbit ransomware

How to Protect Your Data from Ransomware

As ransomware attacks become more and more frequent and sophisticated, organizations of all sizes must deploy a multilayer security approach that includes:

  • Educating staff
  • Patching all endpoint device operating systems, software, and firmware as vulnerabilities are discovered
  • Antivirus endpoint protection with updated signatures, endpoint sandboxing, and next-gen antivirus
  • Network sandboxing, next-generation firewalls, and email security to block phishing attacks
  • Backup and recovery process with well-defined frequency
  • Next-generation scale-out storage

Defend Your Data from a Ransomware Attack with StorageCraft

The StorageCraft® Recovery Solutiontogether with StorageCraft OneBlox ensure the very best protection of your data, at all times.

The StorageCraft Recovery Solution backs up systems and data and replicates those backups to the cloud where ransomware can’t reach them. Users can recover files, even re-create their network in the StorageCraft Cloud.

StorageCraft OneBlox features Continuous Data Protection (CDP), which takes immutable snapshots automatically every 10 seconds for the first hour, then on an hourly, daily, weekly, and monthly basis thereafter. Should a ransomware attack occur, causing data encryption and corruption of the primary file system, the snapshots remain completely unaffected, immune from any modification or deletion. The ability to take such granular snapshots at 10-second intervals is critical to ensuring recovery of the latest and most recent version of the data. Unlike legacy RAID-based volume snapshots, users not only recover individual files and folders easily but also recover complete network shares.

When ransomware worms its way into your organization’s computers, you’re prepared with StorageCraft backup and disaster recovery and OneBlox next-generation scale-out storage.

See for yourself how Zenzero IT Solutions rescued their customer’s data from CryptoLocker using StorageCraft technology: