On 10/24, the Department of Homeland Security issued an alert for the Bad Rabbit ransomware that has been spreading through Russia and Europe. As of this morning, the media is now picking up infections and proof of it spreading to the US.
As of the morning of 10/25, we have confirmed that three of the security vendors used at Network Thinking Solutions for our clients networks offers protection and already blocks the infection and spread of this ransomware. We use Cisco OpenDNS (now called Umbrella), Kaspersky antivirus and SonicWall. All have released information about blocking. Here is some more info:
DHS Notice here
BBC Article here
Cisco Talos which Umbrella OpenDNS uses here
Kaspersky Blog here
Sonicwall Update here
We were concerned when we heard about the KRACK exploit that was found for wireless networks using WPA2. The first concern was about our client networks since we have hundreds of SonicWall firewalls in production and most of those using wireless WPA2 security provided by SonicWall Access Points. Many are used internally by our clients and but others are also public facing portals for guest wireless in public places.
We were pleased to learn that SonicWall is not susceptible to this exploit and not updates are needed. Not sure why or how they have built wireless Access Points that are not vulnerable but again SonicWall provides peace of mind on the front line for our customer networks.
Information on the KRACK exploit provided by Brian Krebs here and the CERT advisory here
Information from SonicWall explaining they are not vulnerable here
If interested in replacing your corporate security with SonicWall, reach out to us here