Ransomware Groups Thriving Through Ransomware-as-a-Service

Ransomware Groups Thriving Through Ransomware-as-a-Service

  • Ransomware attacks are increasing, with Ransomware-as-a-Service playing a significant role in affiliating those who execute attacks
  • Research indicates an 85.55% increase in ransomware victims from 2022 to 2023, with payments surpassing 1 billion USD last year
  • Notable ransomware groups have led some of the most disruptive campaigns, using advanced tactics like double and triple extortion

PAY ATTENTION: Let yourself be inspired by real people who go beyond the ordinary! Subscribe and watch our new shows on Briefly TV Life now!

Ransonware attacks are on the rise
Ransonware attacks are on the rise.
Source: UGC

Unfortunately, ransomware attacks are showing no signs of slowing down. According to ExpressVPN’s research, syndicates are increasing their payment demands, and now Ransomware-as-a-Service (RaaS) is emerging as a pivotal factor in the surge. Another research also states that an overall percentage increase in ransomware victims from 2022 to 2023 is approximately 85.55%, an upward trend.

Nathan Hartzell, a principal security architect at ExpressVPN, emphasises the ease with which malicious actors can now access ransomware services.

Read also

Joburg residents outraged by new City Power R200 monthly deduction

He states, “In the past, someone had to want to attack you and be capable of pulling that attack off themselves. Now they just need the desire and the financial means to acquire these services.”

Like a franchise, RaaS allows central syndicates to develop and rent out ransomware tools to affiliates who execute devastating cyberattacks on individuals and critical infrastructure businesses. It is noted that ransomware payments surpassed 1 billion USD last year, a 56% increase in incidents compared to the previous year, a significant surge in these attacks.

Three main types of groups benefit from RaaS;

Firstly, access seekers or initial access brokers focus on exploiting vulnerabilities within a target's network and gain an initial foothold for ransomware deployment, making use of strategies like phishing and brute-force attacks on logins and servers.

Read also

Kenyan unrest: 13 dead as military deployed amid widespread protests

Secondly, data brokers steal personal information and sell it on underground marketplaces for activities such as identity theft and phishing scams.

Lastly, spy agencies use ransomware for geopolitical objectives, aiming to disrupt the operations of target countries rather than seeking financial gain.

Prominent ransomware groups have emerged as the most notorious and impactful in the past year. Groups known as the REvil, DarkSide, LockBit, and Clop have led the charge with some of the most disruptive campaigns.

These groups not only rely on technical abilities but also employ sophisticated psychological tactics to coerce victims into paying ransoms. They often threaten to leak stolen data on public shaming sites, which adds an extra layer of pressure on the victims to comply with their demands. Integrating artificial intelligence (AI) into these threats has further enhanced their effectiveness. AI-driven phishing attacks are more convincing and more challenging to detect, making them a potent tool in the cybercriminal’s arsenal.

Read also

South Africans call for better policies amid declines in average salaries for Q1 2024

So, some critical protective measures can be used, given the increase in ransomware attacks, that businesses and individuals can include proactive cybersecurity measures. Updating software on a regular basis ensures that vulnerabilities are covered. Virtual Private Networks (VPNs) can also be vital in securing communications and protecting sensitive data. Finally, another critical factor is implementing a solid authentication process, a multi-factor authentication (MFA), which adds an extra layer of security.

So, rather be safe than sorry, always be vigilant and cautious around any suspicious emails. RaaS has indeed significantly transformed the landscape of ransomware attacks, so understanding the mechanics of RaaS provides a sigh of relief.

Source: Briefly News

Rianette Cluley avatar

Rianette Cluley (Director and Editor-in-Chief) Rianette Cluley is a senior content specialist, who previously worked as a journalist and photographer for award-winning local community publications within the Caxton group. Over the past 16 years, Rianette's leadership skills and passion for story-telling, have culminated in a successful career with Briefly News (joined in 2016). She also attended the Journalism AI Academy powered by the Google News Initiative and passed a set of trainings for journalists from Google News initiative. E-mail: rianette.cluley@briefly.co.za