Ransomware is not a new threat to the digital space. Its origins go back many years now. However, over time this threat has become only more prevalent and vicious.
Ransomware-as-a-Service (RaaS) seems to follow the popular Everything-as-a-Service (XaaS) models, particularly the Software-as-a-Service (SaaS) approach.
This subscription-based cyber threat model allows even an inexperienced cybercriminal to launch ransomware and phishing attacks without needing to code the malware themselves.
As such, it is commonly used by cybercriminals who don’t have much technical knowledge of how to create ransomware. This malicious model allows anyone to become an “affiliate” of an established RaaS package or service, which gives the threat the potential to become more widespread.
On New Year’s Eve 2019, currency exchange Travelex discovered it had been infected with Sodinokibi ransomware, as hackers demanded $6 million for the return of customer data.
Sodinokibi, or REvil, is a ransomware-as-a-service (RaaS) model, discovered in April 2019.
It is used by the financially motivated Gold Southfield threat group, which distributes ransomware via exploit kits, scan-and-exploit techniques, Remote Desktop connection servers, and backdoored software installers.
Its multiple infection methods include exploiting known unpatched security vulnerabilities and phishing campaigns.
Sodinokibi encrypts a user’s files and can gain administrative access by exploiting a vulnerability in Oracle WebLogic.
It has received attention due to its similarities to GandCrab, another infamous RaaS campaign that allegedly retired in June 2019 after reportedly earning cybercriminals more than $2 billion.
“We are leaving for a well-deserved retirement,” they said. “We have proved that by doing evil deeds, retribution does not come.” – GandCrab Authors.
With Ransomware-as-a-Service (RaaS) the latest threat targeting digital users, it has become very important for businesses to take preventive measures to protect themselves and to educate employees about these malicious campaigns.
In addition to other basic security measures, you can also rely on advanced anti-malware programs such as Malwarebytes to better protect yourself against this threat.
According to the NCSC, if you are an SME, then there’s around a 1 in 2 chance that you’ll experience a cyber security breach.
Conosco specialises in helping SMEs prevent, defend and protect against all manner of cyber threats. Our accredited security practitioners and consultants work closely with your teams to help safeguard your organisation’s data, assets, and reputation.
We offer four free Information Security Discoveries per month where we conduct a short workshop with your key stakeholders and provide you with a high-level assessment, giving you our recommendations for reducing risk within your business.
If you would be interested in receiving our free Information Security Discovery audit and report, register your interest using this form.