Radio Sputnik: Why is Russia and Eastern Europe being attacked this time? What is the point of such attacks in your view?
Cong-Fook Fong: This is pretty much a targeted attack. It was first identified from Russian website — it's spreading through the websites — and is also displaying… similarities with the malware observed in July — NotPetya malware. My personal point of view is that this is pretty much corporate-type targeted attacks.
Radio Sputnik: What is BadRabbit's correlation with the Petya attack in the European Union? Could it have been launched by the same hackers?
Cong-Fook Fong: Well, it has possibly been, because from what we've observed, the BadRabbit spread from the same set of web servers that were used to the host Petya malware, so this is one of the similarities that both malware have. But then again, if you look deeper at the way NotPetya spread and the way BadRabbit spread, [they] are different. The code is different. But then again the hosting site is the same. So that is some kind of link that shows that the two malware could be related to each other.
Radio Sputnik: Why is the ransom demanded in cryptocurrency? Is there something significant in this?
Cong-Fook Fong: Definitely. Cryptocurrency is the most convenient way to transact over the Internet right now, because there is no way you can trace where is the origin and where is destination. This is fast and anonymous.
Radio Sputnik: With cybercrime on the rise, how does it affect economies in general? And how can it be taken into account so that its effects can be minimized?
Cong-Fook Fong: Definitely, cybercrime is causing a significant effect on the economy. What happened in Russia and Ukraine, where public transportation facilities were affected by the malware — unfortunately, this kind of phenomenon will not go any lower, because the complexity of developing a malware is getting lower and lower. And lot of source code of the malware has been made accessible [in the] public domain. It means that someone with basic programming skills can develop a virus of malware and launch it to the internet. When you look at the Darknet, today we have something called "malware as a service," that is, if you want to develop malware, but do not have the necessary skills, you can hire someone and they will develop one that would do the same kind of damage. I do not think the phenomena [will lessen], so we just have to prepare for more significant cyberattacks to come.
