While they’re cute and awfully cuddly looking, there’s a negative connotation associated with the word “rabbit” – and I’m not talking about Elmer Fudd’s alluding to Bugs Bunny as that “wascally wabbit”.
Nope. “Bad Rabbit” is now part of cybersecurity terminology.
Cybersecurity is an issue impacting all business and organisations, in all sectors. I’ve been speaking to international audiences this year about cybersecurity, beginning with sessions at IAAP Summit in New Orleans in July.
Most recently, I presented on the topic at an EPAA (Executive & Personal Assistants Association) professional development session hosted at Indigo Planning in London, England in September. The company and conversation were stimulating, and seeing the dome of St. Paul’s Cathedral through the boardroom windows was a wonderful bonus!
With a strong belief that proactive admin. professionals should inform themselves on the topic, I’ve also written on the topic here and, most recently, as the cover story for the latest issue of Executive Secretary Magazine.
If you’ve been following social media lately, you may also know that I’ll be speaking in England again next March, at Executive Secretary LIVE in London. My topic? Cybersecurity: How to Take the Lead in Risk Mitigation for Admin. Professionals
Which Brings Us to Bad Rabbit
There’s a new form of ransomware in town, and it’s called “Bad Rabbit”. This malicious software has been infecting computers in a few countries, beginning with Russia and the Ukraine. You may remember Petya, which impacted systems around the globe this past June. This new ransomware is believed to be a variant of NotPetya, but without Petya’s core code.
What does Bad Rabbit do? As you’ll anticipate, it’s not good. The software can infect a computer, with the result that users won’t have access to the hardware unless a ransom is paid to unlock the computer. There are challenges, though, inherent in paying ransom. First, there’s no guarantee that criminals will keep their word and provide a valid decryption key and restore access. Second, once it’s known you’ll pay ransom, you’re a lucrative target to which criminals may return.
How does it unfold?
According to WIRED, “Bad Rabbit ransomware spreads through ‘drive-by attacks’ where insecure websites are compromised”. A malware “dropper” may be downloaded while a person is visiting a legitimate website. The user will see what appears to be an Adobe Flash installer, but there’s nothing innocent about it. Once opened, the file will lock down the computer in question.
… and then there’s social engineering
I’m in direct contact with many of my readers, and happily so. However, I’m leery of an unsolicited email that arrived yesterday from someone purporting to be a reader. The subject line? “Assisting users of exceptionalea.com with their password security“.
The email referenced my earlier article on cybersecurity, and contained two URLs: one identified as a link to my article, and the other identified as a link to ” … another tool to be a better alternative. I thought other users might also appreciate it if you update your page.”
Call me suspicious
… but I won’t be responding to the email, clicking on either of the URLs, or following up on the suggestion that I share the URL with my readers.
All this leads us to the focus of this weekend’s poll:
How prepared are you to defend against cyber threats?
Please take a couple of minutes to complete the poll below. As always, I look forward to hearing what you have to say; watch here for results on Tuesday.