Ransomware-as-a-Service

Tony MasonData Protection, Endpoint Security, Enterprise Security, Security Awareness & Phishing

Ransomware-as-a-Service available on the Dark Web

The Dark Web and Ransomware-as-a-Service

This month our partner, Vipre, reported on Ransomware-as-a-Service and the impacts this could have on the industry.  Jason Norton advised, ‘Ransomware is a form of malware that encrypts, or locks a user out of and away from their critical data. Typically, the attacker demands monetary payment in exchange for a decryption key that promises to unlock the hijacked data’.

Reports this week are claiming that more companies are paying the demands, as their insurance companies are paying the bill.   This definitely makes for a lucrative market for potential cyber criminals to focus on. However, this may not result in you getting your data back.

Ransomware-as-a-Service

Jason explains how Ransomware-as-a-Service (RaaS) is slightly different to normal ransomware. ‘Unlike traditional ransomware, RaaS doesn’t require the attacker to be necessarily skilled at writing computer code to launch attacks. That is because the RaaS delivery model is similar to a monthly subscription service. This type of affiliate program creates a win-win situation for both the malware author and the subscription buyer. There is usually some type of profit sharing or split between the two parties which is normally agreed upon up front. In the end, the only loser is the victim who pays the demanded monetary ransom in the hope of safely getting their valuable data back’.

For a monthly subscription fee, cyber criminals can provide access to easy-to-use malware and ransomware, packaged for immediate distribution to the buyer. These RaaS packages are found and sold on the Dark Web.

The interesting & most concerning point Jason makes about the advent of RaaS is that it removes a large barrier to bad actors’ entry into this field.

To become a hacker, you used to need to have the ability to code. With this new RaaS service, that need has now been taken away.  The problem that creates is, there is no guarantee you will get your data back.  There used to be an unwritten rule in the world of ransomware that once you had paid the ransom, you would receive your data back.  Sadly, the new hackers using RaaS don’t have the skill set to retrieve this for you.

Additionally, the volume of attacks may rise as it becomes easier for new entrants to come in to the market.  Jason relates this to pyramid selling schemes, where, in this instance, the ransomware authors stand to make a lot of money by maximising the number of hackers using their service.

Key ways to counter Ransomware

  • Use a Next-Gen Endpoint Security Solution, such as Vipre
  • Train Your Users: using simulated phishing of latest scams, together with engaging & interactive training, such as KnowBe4
  • Regularly Back Up Your Data

 

Check here for Vipre’s full report.