Contact us
Global
Select your country
Worldwide
Global
Europe
Austria
Belgium
Bulgaria
Croatia
Czech Republic
Denmark
Finland
France
Germany
Hungary
Italy
Luxembourg
Poland
Portugal
Romania
Russia
Serbia
Slovakia
Spain
Sweden
Switzerland
The Netherlands
United Kingdom
Americas
Argentina
Brazil
Canada
Colombia
Mexico
Uruguay
USA
Asia Pacific
Asia Pacific
Australia
China
Hong Kong
Japan
Malaysia
Philippines
Singapore
South Korea
Thailand
Taiwan
India, Middle-East & Africa
Africa
Egypt
India
Qatar
Saudi Arabia
Turkey
United Arab Emirates

Industries
- <<
- Financial Services & Insurance
  - Financial Services & Insurance
  - Banking
  - Capital Markets
  - Insurance
  Shaping the future of insurance, building new ecosystems, connecting generations
- Healthcare & Life Sciences
  - Healthcare & Life Sciences
  - Healthcare
  - Life Sciences
  Look Out 2020+ Industry Trends
  Download the Healthcare Look Out 2020+ Paper
- Manufacturing
  - Manufacturing
  - Aerospace
  - Automotive
  - Chemicals
  - Consumer Packaged Goods
  - Discrete Manufacturing
  Additive expertise
- Public Sector & Defense
  Public Sector & Defense
  Central Government
  Local Governments and Cities
  Homeland Security
  Public Safety
  Space
  Defense
  Education
  Major Events
  Olympic & Paralympic Games
  Sports & Major events
  Look Out 2020+ Industry Trends
  Download the Government Look Out 2020+ Paper
- Resources & Services
  - Resources & Services
  - Energy
  - Utilities
  - Hospitality
  - Retail
  - Transport
  - Logistics
  Digital Vision:
  Energy & Utilities
  Read the opinion paper
- Telecommunications & Media
  - Telecommunications & Media
  - Telecommunications
  - Media
  Look Out 2020+ Industry Trends
  Download the Telecom Look Out 2020+ Paper
Solutions
- <<
- Advanced Computing
  - Advanced Computing
  - Quantum Computing
  - High Performance Computing
  - High End Server
  - Integrated Systems
  Atos Quantum Learning Machine
- Analytics, AI & Automation
  - Analytics, AI & Automation
  - Artificial Intelligence
  - Automation and Robotics
  - Connected Intelligence
  Inside Atos AI Lab.
  Making AI Real for Business
  Download the IDC whitepaper
- Cloud Solutions
  - Cloud Solutions
  - Application Transformation and Migration Services
  - Canopy Orchestrated Hybrid Cloud
  - DevOps
  Digital transformation through continuous business reinvention
- Customer Experience
  - Customer Experience
  - Customer Journey Analytics
  - Digital Customer Experience
  Cloud unified communication and collaboration services
- Cybersecurity
  Protect your business to face cybersecurity challenges
- Digital Consulting
  - Digital Consulting
  - Digital Transformation Consulting
  Trusted Partner for your Digital Journey
- Digital Workplace
  - Digital Workplace
  - Critical Communications for Missions
  - Digital Workplace
  - Unified Communications & Collaboration
  Atos Digital Workplace.
  Attract and retain new talents
- Edge & Internet of Things
  - Edge & Internet of Things
  - Critical Communications for Industry
  - Edge Computing
  - Internet of Things
  Optimize maritime transport operations and vessel performance with the Internet of Things
- Infrastructure & Foundation Services
  - Infrastructure & Foundation Services
  - Managed Service
  - Multi-Sourcing Service Integration
  - Testing
  Atos Technology Transformation Services
- Modern Applications & Platforms
  - Modern Applications & Platforms
  - Business Accelerators (SAP)
  - Global Microsoft Services
  Jump-start your SAP transformation
  Read customer story
Insights & News
- <<
- Newsroom
  21 September 2020
  Atos and RingCentral launch Unify Office in France
- Blog
  Latest blog
  July 22, 2020
  How does sport return to action in the ‘new normals’?
- Events
  Upcoming events
  Shape Your Future at VMworld 2020
  Les Assises de la sécurité, French Security and Information Systems Congress
  Critical Communications World 2020
  All events
  Atos Technology Days 2020
  Replay the event
- Awards
  Awards
  Atos recognized for CSR excellence at Groupe PSA’s 2020 Supplier Awards
  Applications open for second Female FinTech Competition
  Atos named a Times Top 50 Employer for Women 2020 for the second year
  Latest award
  31 August 2020
  Atos recognized for CSR excellence at Groupe PSA’s 2020 Supplier Awards
- Analysts and Advisors
  Atos Industry Analysts
  Security Day
- Customer Stories
  Customer Stories
  ITV Daytime
  Renom Energy Services
  Global banking and credit provider
  State government agency
  All customer stories
  Latest Customer Story
  8 September 2020
  ITV Daytime
- Our Publications
  Future Vision report -
  Redefining Enterprise Purpose
  Download the report
About us
- <<
- About us
- Careers
  The Future Is Our Choice
- Challenges and Competitions
  2020 Atos IT Challenge.
  Cooperative Artificial Intelligence
  Visit the Atos IT Challenge website
- Company Profile
  Company Profile
  Worldwide digital leader
  110,000 employees
  12 billion revenue
  73 countries
  IT partner
  CAC40 Paris stock index
  Supporting our clients in their digital ambitions
- Corporate Social Responsibility
  2019 Integrated Report
  Sustainable Performance
  Visit the 2019 Integrated Report website
- Digital Transformation
  Digital Transformation Program
  
  Explore our apps
- Governance
  Elie Girard,
  Chief Executive Officer, Atos
- Investors
  2019 Universal Registration Document
  Baixe Registro Universal de Documentos 2019
- Partners and Alliances
- Scaler
  “Atos Scaler is committed to unleash the value of collaboration, by facilitating open innovation and giving birth to very concrete industrial applications, with accelerated time-to-market.”
  Elie Girard,
  Atos CEO
  Scaler -
  The value of industry-centric open innovation
- Scientific and Expert communities
  Future Vision report -
  Redefining Enterprise Purpose
  Download the report | All whitepapers

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Select cookie policy level Necessary Statistics Marketing Social Media

Bad Rabbit: what we know

Posted on: October 30, 2017 by Lukasz Olszewski

As the third massive ransomware outbreak of the year, ‘Bad Rabbit’, draws to a close, let’s have a look at the evolution of the recent attacks: Wannacry, NotPetya and Bad Rabbit.

Although these attacks are the first self-propagating ransomworms that can both encrypt a system & spread automatically by exploiting vulnerabilities in network and system devices, still, they all follow the line of least resistance. They can, therefore, be prevented and contained quite easily.

Their evolution is as follows:

Wannacry exploited a Microsoft SMB vulnerability (MS17-010) and used an NSA leaded exploit (EternalBlue). This could be infected without user intervention and simply took advantage of organizations not managing the patch process adequately.
NotPetya creators assumed that the patches or filtering had happened already at the Internet facing perimeter and so they modified a software update (an accounting software in the Ukraine), which then updated itself and thus infected systems.
Bad Rabbit was a hybrid approach. It actually relied on the end user downloading a file, ignoring the security alert. Once downloaded it moved through a network by scanning for common passwords and stealing credentials.

As covered in a blog post in June after the Wannacry attack, Leading the fightback against ransomware, there are a few steps organizations can take to protect themselves. These include:

Ensuring you are updating the software you have with the patches issued
Make sure your employees are aware when not to download a file
Bringing in required security levels for passwords

We must note that Bad Rabbit is still unfolding. More may come out about the nature and objective of this attack.

For us, in our investigations, we believe that although this falls under the category of ransomware – there was indeed a ransom asked and communication about it sent to those affected – it doesn’t quite feel like a ransom was the end goal. I’m sure we will learn more in the coming weeks but the similarities to NotPetya and the geolocation suggest a more disruptive aim.

Regardless of the aim, these attacks are extremely disruptive and costly. We must stay a step ahead and maintain security protocols. We cannot be complacent.

About Lukasz Olszewski

VIEW ALL POSTS BY Lukasz Olszewski

CSIRT and Threat Intelligence Lead, Europe

Lukasz Olszewski is a cybersecurity expert and leader with over 10 years of experience. He is also a Senior Expert in Atos Digital Experts Community. He currently leads Atos Computer Security Incident Response and Threat Intelligence Teams in Europe delivering EDR, security incident response, forensics, malware analysis, threat hunting and intelligence services. Lukasz has a degree in Computer Science and has previously worked as System Administrator working mostly with Linux and Unix systems. After that he joined the Royal Bank of Scotland as Technology Risk Analyst working on information security risk assessments. In 2013 Lukasz joined Atos as a Security Engineer and later took the role of the Lead Architect in the area of SIEM and security monitoring, detection and analysis. Lukasz has responded to many severe security incidents, taken part in many global security projects, major R&D initiatives, multiple proof of concepts and authored many security service processes.Lukasz is also Certified Information Systems Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA) and Certified Ethical Hacker (CEHv8).

Follow or contact Lukasz

VIEW ALL EXPERTS