Did you know that cybercriminals can pay for a service to spread and manage ransomware attacks? Well, they can. And, in fact, it is called Ransomware-as-a-Service (RaaS). This is really a terrifying fact. This means that in order to be a cybercriminal and send out a ransomware attack against a hospital or local utility company, you no longer really need to have any sophisticated tech skills. All you need are a few bitcoins to set up an attack and wait for victims to pay.
Ransomware is a type of cyberattack that relies on tricking users into downloading a piece of malware that either steals data from, or locks data on, victims’ computers or other systems in their network. The payoff comes when the attacker threatens to expose the data, or to keep the victims from accessing it, until they pay the ransom.
Ransomware attacks aren’t anything new. They have been around for more than a decade, but both the number of attacks and the amount of money attackers demand are increasing at an alarming rate. According to SonicWall’s Mid-year update of its 2021 SonicWall Cyber Threat Report, there were 304.7 million attempted ransomware attacks in the first 6 months of 2021. This is more than the total number of attack attempts recorded for all of 2020, 304.6 million. Many organizations are looking into obtaining cyber insurance to help reduce their losses if they are attacked. Unfortunately, RaaS will simply make it easier for attackers to do their “job” and we will see these numbers keep increasing over time.
RaaS usually runs on a subscription-based model, very similar to the thousands of Software-as-a-Service (SaaS) offerings that are available today. Its customers, who are often referred to as affiliates, can simply pay for ransomware tools that have already been developed. Depending on the service, this could be a one-time fee or an ongoing subscription payment. In some cases, affiliates might not even have to pay anything up front; instead they offer up certain technical skills and pay a percentage of the profit.
The irony is that this is a prime example of how the internet has made setting up a business so much easier, from building a website to accepting electronic payments and delivering your product to customers. The frightening side is that this type of service makes being a cybercriminal that much easier. Some of the most prolific ransomware attacks have been spread through RaaS, such as DarkSide and REvil.
Since it doesn’t look like we will be able to stop these types of attacks from happening, we need to ensure that we are protecting ourselves against them as much as possible:
- Protect your data no matter from where or by whom it is being accessed
- Put anti-phishing protections in place
- Educate your users about phishing attacks and how they can avoid falling victim to them
- Back up your data on a regular basis
- Adopt a Zero Trust Architecture
The cybercriminals are only becoming more and more efficient at what they do. We need to be ever more vigilant in preventing them from being successful and profitable.