phone423.335.2461

phone423.335.2461

What Is Ransomware as a Service and Why Is It Causing Attacks to Skyrocket?

Ransomware is one of the many forms of malware, along with viruses, trojans, spyware, adware, and more. But it’s become a “breakout star” in the sense that it is now one of the most popular types of attacks with hackers.

In 2020, ransomware attacks increased 485%. Also increasing was the cost of the average ransom demand and the cost to remediate an attack.

This year, we’ve already seen several high-profile ransomware attacks. Including the attacks on Colonial Pipeline that raised the price of gas nationwide and the attack on the world’s largest supplier of beef and pork, JBS (known for Pilgrim’s Pride, Swift, and other brands).

These attacks often originate via business email in the form of phishing, and the volume of these emails is increasing by dangerous levels every year.

What’s fueling the skyrocketing of ransomware attacks? It’s a new service model being offered by large criminal organizations called Ransomware as a Service (RaaS).

What is RaaS, Exactly? 

Think of how software has changed to a Software as a Service (SaaS) model over the years. Instead of just purchasing the software, you can now subscribe to it and get additional benefits such as continuous updates, ongoing support, and flexible plan options.

RaaS is very similar to this model, only the service being offered is a ready-made ransomware attack bundle. Anyone can subscribe and get the tools and support they need to conduct a targeted ransomware attack on a business.

This model democratizes ransomware attacks, in that a person no longer needs any hacking experience and doesn’t need to figure things out on their own. They simply purchase a pre-made ransomware attack in a DIY kit and can try their hand at a big score.

The average ransom demand has jumped by 518% during the first half of 2021. That’s compared with an increase of 82% during the same period a year prior. The average ransom payment right now is $570,000.

RaaS Pricing Options

Just like in the legitimate business world, underground criminal organizations that offer RaaS are competing with each other for customers. Thus, they often offer flexible payment options to attract business.

The four basic pricing models RaaS will use include:

  • A monthly subscription (starting as low as $40/month)
  • Hybrid subscription plus profit sharing
  • Flat rate purchase with no profit sharing
  • Purely profit sharing of the attack bounty without a subscription cost

RaaS providers will advertise their services much like cloud services do, including having 24/7 support, full bundles with phishing emails and websites, user forums, and more.

Until companies stop paying the ransom to attackers, ransomware will continue to be a thriving business for state-sponsored hacking groups, criminal organizations, and the one-off hacker that wants to get rich quick.

Following are some ways you can mitigate your risk of an attack and avoid paying high costs if you do become a victim.

Ways to Mitigate & Quickly Recover from Ransomware 

Back-Up Data Often & Test Restoration

Many companies will back up their data, but they never test the recovery mechanism. Thus, when hit with an attack, they are unsure what to do or how long it will take and opt to pay the ransom anyhow.

This is why companies like Colonial Pipeline end up paying millions of dollars in ransom to attackers, keeping the ransomware business model flourishing.

Go through regular incident response drills where you do a full data recovery of your backed-up data. This will both help you hone the process and ensure you’re using the right backup tools and help you mitigate downtime and avoid paying a ransom if attacked.

Use Protections Against Phishing

Phishing is still the main delivery method for ransomware and other types of malware. It’s critical to have phishing protections enabled through your network and endpoints.

These include technologies such as:

  • Advanced firewall with anti-malware
  • Email spam/phishing filter
  • DNS filter to block malicious sites
  • Email authentication to protect against spoofing

Provide Ongoing Employee Cybersecurity Awareness Training

A well-trained team can reduce your risk of falling victim to a cyberattack by as much as 70%. Doing once-a-year training isn’t enough. You should be regularly teaching your employees a culture of good cybersecurity.

You do this through a mixture of training methods, including group training, email security reminders, posters, helpful videos, and simulations.

Simulated phishing attacks are a great way to sharpen your team’s phishing detection skills and to judge how well-prepared your team is to defend against an attack.

How Protected Is Your Network from the Onslaught of Ransomware? 

Don’t leave your business unprotected! Ransomware attacks are more dangerous now than ever. Unbound Digital can help your Johnson City, Tennessee business review your current safeguards and address any vulnerabilities.

Contact us today to schedule a consultation. Call 423-335-2461 or reach us online.

 

View Desktop Site