News has broken on about a new widespread ransomware attack using a new variant called "BadRabbit." At this time it appears that organizations in Russia and Ukraine appear to be the most heavily impacted. Most notably, Russian media outlets and Ukrainian government and critical infrastructure entities are seeing disruptive effects.
Security researchers are already noting similarities between this wave of attacks and the NotPetya attacks that caused widespread disruption back in June 2017, but had a particularly significant effect on entities in Ukraine. While NotPetya initially appeared to be a widespread ransomware attack similar to WannaCry, it was later determined that the malware was a disk wiper with destructive intent rather than a typical financially-motivated ransomware attack. Effects from NotPetya were centered around Ukraine because the initial delivery mechanism was a supply chain attack where malicious actors compromised the update server for software call "M.E.Doc," a widely deployed accounting software used by many organizations in Ukraine as well as businesses with operations there (which explains why effects were felt outside Ukraine).Read More