While IT departments around the world have been scrambling to protect their companies from the plague that is Ransomware, cyber criminals have been coming up with new ways to spread the virus; and it’s working. Studies show that Ransomware attacks have grown exponentially, from around 4 million attacks in 2015 to 638 million in 2016. Now, in 2017, the incidence of attack is on track to beat out last year.
This dramatic increase can, in part, be attributed to the spread of Ransomware as a Service, a new cyber threat that makes it easier for criminals to get their hands on the virus.
Ransomware as a Service, or RaaS, is designed to make cyber crime more accessible to the masses. Advanced cyber criminals develop the malicious code of the virus and make it available to download and use. With RaaS, Ransomware is not only cheap and easy to download, it’s easy to spread. The authors of the virus either provide the Ransomware for free or charge a small fee up front. Then they will take a cut of each ransom, incentivizing the buyer to perform a higher volume of attacks for larger ransom.
With the onset of Ransomware as a Service, cyber criminals are now selling their Ransomeware and malware to a potentially much larger group of hackers, with little to no background in programming. This means that more and more cyber criminals are turning to this type of Ransomware due to its reduced barrier to entry. With Rasomware more readily available, more attacks will start to take place. For comapnies that are potential targets of an attack, this means that it is more likely your company will be infected and, if it is infected, the ransom will be much higher.
RaaS viruses are still spread in the same way as any other Ransomware viurs – through malicious email attachments, untrusted sites, infected links, etc. Protecting your business starts with educating your employees on the common ways that Ransomware is spread. Additionally, having a strong backup and recovery solution in place can help you recover from Ransomware faster, often without having to pay a ransom.