<img src="https://certify.alexametrics.com/atrk.gif?account=kla4t1zDGU20kU" style="display:none" height="1" width="1" alt="">
Contact us
Request demo →
Contact us
search
close

RaaS: How Ransomware as a 'Service' Increases Your Attack Risk

by Sebastiaan Bosman Blog 16 Nov 2020

We know of Software as a Service, where organisations outsource parts of their digital infrastructure to third parties for the sake of improved user experience or increased security, for instance. As a successful business model, it is actually not that shocking something similar is happening in the world of cyber-crime. The people who know how to build ransomware sell their software on the dark web and offer it as Ransomware as a Service (RaaS), turning even rookie cyber-criminals into money-making hackers. How does it work, exactly? And what can you do to protect your systems?

What is Ransomware?

First, let’s define ransomeware and explain what attackers try to achieve with it. Ransomware is a form of malware. Once it has nestled itself in your systems, it can encrypt parts of your data, or lock you out of your system altogether. The threat actors behind the attack then demand a ransom to give you the encryption key.

There have been cases where organisations have paid the ransom, and did retrieve their data. The threat actors calculate the ransom, making it a somewhat tempting option for their victim when compared to the cost and effort it takes to run a full digital forensic study and replace infected systems. This can easily take many weeks, and add up to a loss in the tens of millions, as it did for the company ISS World earlier this year.

However, there is no guarantee the criminals will actually give you the key, or that they haven’t installed more malware or some sort of back door.

Where does the ‘service’ come in?

Building the perfect ransomware is not easy. It takes time and skill to prepare, develop and weaponise the software. Instead of then carrying out the attack themselves, the developers also make money from offering the ransomware as a ready-made package on the dark web. This allows much more people to carry out a ransomware attack.

But that’s not all. The ‘S’ in RaaS comes from a newer development where people can subscribe to a cloud-based platform providing ransomware services. These subscribers spread the ransomware to their victims, while the developers control the software and execution of the attack.

Subscribers often pay a recurring fee for access to the service. The Intel 471 Malware Intelligence team writes that affiliates of RaaS provider REvil receive 60% to 70% of the ransom payment. The rest is kept by the ransomware group. 

How to defend against a ransomware attack

The difficult thing is that a ransomware attack can come from so many different directions. Whether it’s a social engineering attack, phishing campaign, or straight-up hack; the impact is immense.

Here, as with so many digital risks, prevention is certainly better than remediation. Threat actors will try to abuse vulnerabilities in your systems to gain access. That means you need to know what digital assets in are at the biggest risk of being compromised.

The solution lies in a mix between understanding and predicting criminal activity online, and monitoring your own digital footprint to proactively prevent risks.

To get to the bottom of this threat, we organise a webinar together with Intel 471. We will take a deep dive into the underworld of ransomware and bring risks and solutions to the surface. Learn how to avoid falling victim to a ransomware attack. Register for the free webinar here.

Register


pasfoto001Sebastiaan Bosman is Content Marketeer at Cybersprint.
With an educational background in Communications and Linguistics,
he is responsible for creating and editing most of the internal and external communication. He writes content such as blogs, whitepapers, and case studies, primarily based on Cybersprint’s own research data. Previously, Sebastiaan worked as Content & Communications Advisor at ING Global. 

RaaS: How Ransomware as a 'Service' Increases Your Attack Risk

We know of Software as a Service, where organisations outsource parts of their digital infrastructure to third parties for the sake of improved user experience or increased security, for instance. As a successful business model, it is actually not that shocking something similar is happening in the world of cyber-crime. The people who know how to build ransomware sell their software on the dark web and offer it as Ransomware as a Service (RaaS), turning even rookie cyber-criminals into money-making hackers. How does it work, exactly? And what can you do to protect your systems?

read more

The 3 pillars of successful IT governance

IT governance framework helps to ease everyday processes, increases productivity levels, and scripts what to do in case of an incident. However, creating and implementing an organisation-wide IT governance framework is no easy feat, yet so crucial.

read more

Cybersprint 5-year anniversary

2020 marks our five-year anniversary! To celebrate, we have published five video interviews about our journey so far. 

read more

Do you have a question?

Our experts have the answers

Contact us