Yet another significant ransomware outbreak hit Russia, eastern Europe, and parts of western Europe today. BadRabbit appears to be a new variant of the Petya/NotPetya variety, and is spreading through local networks attempting to compromise systems using embedded known usernames and notoriously weak passwords. Files are encrypted as well as the master boot record of the infected machine. It appears to present itself as a Flash Player update. This story continues to develop, so beware and monitor your environments closely over the next 24 to 48 hours.
This is yet another great example of the cost of a compromise, and more specifically, the cost of a serious ransomware infection. Hopefully, this article will cause readers to pause and reconsider how organizations can and should approach these threats.