Winter is Coming – A new ransomware variant is currently spreading across Europe. The Bad Rabbit ransomware has infected many public infrastructure sites including the Kiev Metro in Ukraine as well as hundreds of other organizations. Interestingly, it contains several pop-culture references in its code, including some to the dragons, Drogon, Rhaegal, and Viserion of Game of Thrones.
ContentKeeper customers with a Secure Internet Gateway1 deployment were not at risk from this ransomware.
Once the executable is run it begins to encrypt the victim’s files and steals passwords, eventually displaying what is becoming an all too familiar demand for a ransom payment in bitcoin to decrypt the files. The virus is able to propagate itself via a range of methods including SMB and WMIC by searching for open network shares and guessing at passwords with a pre-built list. There are also now reports that the leaked NSA exploit EternalRomance was leveraged to enhance propagation.
ContentKeeper’s Secure Internet Gateway includes multiple layers of defense to protect against known and unknown threats, ransomware, malware, trojans and other viruses. Having multiple layers of defense technology is the best way to defend your network from the next attack. A modest investment in security upfront can prevent a catastrophic loss of data in the future.
1. Appropriately configured with the necessary security modules enabled
For more than 20 years, ContentKeeper has delivered comprehensive, accessible web security solutions for global enterprises, educational institutions and government agencies. We enable our customers to protect their networks, users and data from cyber threats while embracing mobile technology, Internet of Things (IoT) and cloud-based services.
About the author: David Wigley Co-Founded ContentKeeper Technologies in 1997 and serves as its Chief Executive Officer. David has many years of experience in software engineering, sales and management within the Computer Security Industry.