An Evolving Cyber Threat: Ransomware-as-a-Service
How is Ransomware-as-a-Service Different and Why Are Criminals Using it?
During the COVID-19 pandemic, the shift to remote working has left businesses exposed to attackers, with employees working outside the protection of the corporate network and its firewalls. With staff suddenly working from unsecured home networks and over misconfigured VPNs, many companies have lacked the security controls and employee education initiatives needed to stop cyber-criminals from taking advantage of this shift.
Ransomware-as-a-Service (RaaS) has grown massively as a result. Its business model meets the demand of cyber-criminals who lack the skills to develop ransomware themselves. The increasing prevalence of RaaS means that the ability to launch remote, targeted attacks is now widely accessible, with implications not only for business security but also for national security at an international level.
Cyber-criminals are not stupid. They understand return on investment (ROI), profitability and how to work collaboratively. As in the legitimate software industry, developing software and distributing it are very different activities, each requiring its own skill set to be done well. If that division of labour works for ordinary software companies, why wouldn't it work for cyber-criminals?
RaaS has lowered the barrier to entry for this type of crime. The people who distribute the malware can be, and typically are, entirely separate from those who create it, just as developers and sales representatives hold different roles within a company that benefit one another. Cyber-criminals therefore no longer need to be malware developers, or even belong to a crew with that capability; they can simply pay for, or partner with, skilled developers in an arrangement that lets them concentrate on distribution. In practice the developers usually recruit "affiliates" who carry out the intrusions and hand back a share of each ransom paid.
This model allows the leaders of these organized criminal syndicates to maximize profit while doing no more work than they need to. It is not only cost-effective but also gives the criminals an extra layer of protection: the separation between the malware developers and the distributors makes each group less likely to be implicated if a member of the other is arrested.
How to Protect Against the Threat
To defend effectively against this threat, businesses and organizations need to treat their defensive posture with the same rigor and determination as their adversaries bring to the attack. Failing to do so is likely to end in compromise, followed by the theft and monetization of the organization's high-value data.
Security should be a top priority at board level. There should be plans for technology, training and threat exercises such as red teaming, in which a team emulates the attackers, and purple teaming, in which that red team works alongside the blue team, the defenders, to test and improve detection and response. Businesses should also carry out active threat hunting to seek out attackers who have already found their way past the perimeter.
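One way to put "active threat hunting" into practice, as an added example that is not part of the original article or KnowBe4's own material: a small Python hunt over endpoint file-event telemetry that flags three behaviours ransomware commonly exhibits on a host before the ransom demand appears: mass renaming of files to a single new extension within a short window, dropping of a ransom note, and deletion of volume shadow copies. The sample log lines, host and process names, the `.locked` extension, the log format and the thresholds are all constructed assumptions for this example; only the shadow-copy deletion commands matched by the regular expression are real, widely documented attacker commands.

```python
"""Hunt for ransomware-like behaviour in endpoint file-event telemetry.

Added example; the log format below is an assumption made for illustration:
    ISO timestamp | host | process | action | detail
where action is write / rename / exec and detail is a path,
"old -> new" for renames, or a command line for exec.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample telemetry (not from any real incident). Host ws-03 shows
# benign renames; host ws-17 shows the encryption burst, note drop and
# shadow-copy deletion that a ransomware payload typically produces.
SAMPLE_EVENTS = r"""
2024-03-01T09:00:01 | ws-03 | explorer.exe | rename | C:\Users\bob\old.xlsx -> C:\Users\bob\old.xlsx.bak
2024-03-01T09:00:07 | ws-03 | explorer.exe | rename | C:\Users\bob\old2.xlsx -> C:\Users\bob\old2.xlsx.bak
2024-03-01T09:00:11 | ws-17 | winword.exe | write | C:\Users\alice\notes.docx
2024-03-01T09:15:00 | ws-17 | svc_update.exe | rename | C:\Users\alice\report.docx -> C:\Users\alice\report.docx.locked
2024-03-01T09:15:01 | ws-17 | svc_update.exe | rename | C:\Users\alice\budget.xlsx -> C:\Users\alice\budget.xlsx.locked
2024-03-01T09:15:01 | ws-17 | svc_update.exe | rename | C:\Users\alice\photo1.jpg -> C:\Users\alice\photo1.jpg.locked
2024-03-01T09:15:02 | ws-17 | svc_update.exe | rename | C:\Users\alice\photo2.jpg -> C:\Users\alice\photo2.jpg.locked
2024-03-01T09:15:03 | ws-17 | svc_update.exe | rename | C:\Users\alice\thesis.pdf -> C:\Users\alice\thesis.pdf.locked
2024-03-01T09:15:06 | ws-17 | svc_update.exe | write | C:\Users\alice\README_RESTORE_FILES.txt
2024-03-01T09:15:07 | ws-17 | cmd.exe | exec | vssadmin delete shadows /all /quiet
"""

# Thresholds are assumptions; tune them against your own baseline telemetry.
RENAME_BURST_MIN = 5                      # renames to one new extension ...
RENAME_BURST_WINDOW = timedelta(seconds=60)  # ... within this window
# Ransom notes are usually plain text/HTML with a "how to recover" style name.
NOTE_NAME_RE = re.compile(r"(readme|restore|decrypt|recover).*\.(txt|hta|html)$", re.I)
# Real commands attackers use to destroy Windows volume shadow copies.
SHADOW_DELETE_RE = re.compile(r"vssadmin.*delete\s+shadows|wmic.*shadowcopy\s+delete", re.I)


def parse_events(text):
    """Parse the pipe-delimited telemetry into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, host, proc, action, detail = [p.strip() for p in line.split("|", 4)]
        events.append({"ts": datetime.fromisoformat(ts), "host": host,
                       "proc": proc, "action": action, "detail": detail})
    return events


def hunt(events):
    """Return {(host, process): sorted list of triggered indicators}."""
    findings = defaultdict(set)
    renames = defaultdict(list)  # (host, proc) -> [(timestamp, new extension)]
    for ev in events:
        key = (ev["host"], ev["proc"])
        if ev["action"] == "rename" and " -> " in ev["detail"]:
            new_path = ev["detail"].split(" -> ", 1)[1]
            ext = new_path.rsplit(".", 1)[-1].lower() if "." in new_path else ""
            renames[key].append((ev["ts"], ext))
        elif ev["action"] == "write" and NOTE_NAME_RE.search(ev["detail"].rsplit("\\", 1)[-1]):
            findings[key].add("ransom_note_dropped")
        elif ev["action"] == "exec" and SHADOW_DELETE_RE.search(ev["detail"]):
            findings[key].add("shadow_copy_deletion")
    # Sliding window: N renames to the same new extension inside the window.
    for key, items in renames.items():
        items.sort()
        for i, (start, ext) in enumerate(items):
            in_window = [e for t, e in items[i:]
                         if t - start <= RENAME_BURST_WINDOW and e == ext]
            if len(in_window) >= RENAME_BURST_MIN:
                findings[key].add(f"mass_rename_to_.{ext}")
                break
    return {k: sorted(v) for k, v in findings.items()}


def score_hosts(findings):
    """Correlate per-process findings into a per-host count of distinct indicators."""
    per_host = defaultdict(set)
    for (host, _proc), indicators in findings.items():
        per_host[host].update(indicators)
    return {host: len(ind) for host, ind in per_host.items()}


if __name__ == "__main__":
    results = hunt(parse_events(SAMPLE_EVENTS))
    for (host, proc), indicators in results.items():
        print(f"{host} {proc}: {', '.join(indicators)}")
    print("per-host indicator counts:", score_hosts(results))
```

Run against the constructed sample, the hunt reports nothing for ws-03 (two renames to `.bak` fall well below the burst threshold) and three distinct indicators on ws-17 across two processes. The per-host roll-up is the point of the correlation step: the shadow-copy deletion is launched from `cmd.exe` rather than the encrypting process, so a detection keyed only on the process that renames files would miss it.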
Organizations will pay for security either now, without interest, or later, with interest. That interest will take the form of lost customer confidence, lost market share, regulatory fines and potentially class action or shareholder derivative lawsuits. To future-proof their operations, businesses must act now rather than wait until their high-value data is under a criminal's lock and key and held to ransom.
Organizations need to combine technical controls, security policies and employee training to counter these threats. New-school security awareness training can enable your employees to recognize and resist the phishing lures that deliver most ransomware.
With thanks to InfoSecurity Magazine. The full story is here: https://www.infosecurity-magazine.com/opinions/cyber-threat-ransomware-as-a/
Request A Demo: Security Awareness Training
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions every time. This isn't a one-and-done exercise: continuous training and simulated phishing are both needed to mobilize users as your last line of defence. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/demo_kcm_partner?partnerid=001a000001lWEoJAAW