A new ransomware attack has just hit Europe, affecting corporate networks of various organizations in Germany, Russia, Ukraine, Turkey and Bulgaria, including Kiev Metro, Odessa airport and naval port.
Called “BadRabbit,” the attack has locked down multiple computers, demanding payouts in Bitcoin from system administrators for unlocking, around $280 (£215). The malware seems similar to the methods used in “Petya” attack, which spread across the globe in June, though experts still cannot confirm the source was the same. A malicious Adobe Flash installer might have been the reason for the spread, and this ransomware variant can spread through webpages, even when visiting legitimate pages.
“We have predicted that the world will be experiencing many more ransomware attacks - and it’s happening,” said Marty P. Kamden, CMO of NordVPN. “Organizations still have very loose security and don’t do enough to protect their computers and to educate their staff about malware, ransomware and digital attacks. As a result, millions of dollars will be lost again, as multiple organizations are not able to access their networks unless they pay the criminals - which we don’t advise to do.”
NordVPN has already issued advice on how a company can protect itself from potential threats. Here are the main rules:
- Don’t forget to install latest security updates. Security updates often contain patches for recent vulnerabilities, which hackers are looking to exploit.
- Don’t open anything suspicious you get through email. Delete dubious emails from your bank, ISP, credit card company, etc. Never click on any links or attachments in emails you’re not expecting. Never give your personal details if asked via email.
- Backup all data. Backup your data on an alternate device and keep it unplugged and stored away. Backing up data regularly is the best way to protect yourself from ransomware because only unique information is valuable.
- Use a VPN for additional safety. Using a VPN when browsing can protect you against malware that targets online access points. That’s especially relevant when using a public hotspot. However, keep in mind that a VPN cannot protect you from downloading malware. While a VPN encrypts your activity online, you should be careful when downloading and opening certain files or links.
- Close pop-up windows safely. Ransomware developers often use pop-up windows that warn you of some kind of malware. Don’t click on the window - instead, close it with a keyboard command or by clicking on your taskbar.
- Use strong passwords and a password manager. Perhaps the most basic requirement for any online account setup is using strong passwords and choosing different passwords for different accounts. Weak passwords make it simple for hackers to break into an account. A strong password has a minimum of 12 characters and includes a strong mix of letters, numbers and characters. It’s not easy to remember strong passwords for each site, so it’s recommended to use a password manager, such as truekey.com, LastPass and 1Password.
- Use anti-virus programs. Make sure you have installed one of the latest reputable anti-virus programs to make sure you are fully protected.
To find out more about NordVPN’s B2B solution, please visit the website.