Ransomware has been laying waste to corporate data and municipal budgets for decades. Bringing businesses to tears and cyber engineers to perpetual frustration, all driven by a few innocuous clicks. Since its inception, the threat vector has caused devastating effects, but often they have been limited to enterprise-level targets and illicit organizations with the bandwidth to operate this complex malware variant. That was until Ransomware as a Service (RaaS) entered the scene.
What has changed in recent years? The short answer is everything…
From broad shifts towards digital transformation and cloud migration to the vastly lowered costs of executing a ransomware attack and scaling them to businesses of all sizes, the entire threat landscape has transformed to create a new, more suspect reality to navigate. With the digital threat ecosystem evolving so dramatically, RaaS attacks have begun to fill a vacuum in a new and vulnerable market segment perpetually at risk of cyberattacks.
Defining the terms
“RaaS is a type of pay-for-use malware that allows cybercriminals to purchase ransomware tools that have already been developed to carry out large-scale ransomware attacks. RaaS is an affiliate program in nature — for every successful ransom payment made, the creators of the tools receive a percentage.”
Essentially, this enables ad hoc attackers to use a simplified platform with all the necessary ransomware code and operational infrastructure required to launch and maintain any number of ransomware campaigns.
The chart above (courtesy of AppKnox) does a great job of visually representing the process. Where in the past ransomware development required vast resources and a significant timeline, now wannabe hackers can impart massive waves of data penetration and extortion within minutes.
Stats and Recent Trends
According to a recent risk assessment by the IB group, upwards of 66% of ransomware attacks in 2020 were launched using Ransomware-as-a-Service.
From ReEvil and Thanos to Petya and countless others, RaaS is quickly gaining market traction due to its ease in deployment, simplified pay structure, and speed, from initial malicious ideas to the deadly launch and implantation of a ransomware attack.
With decreased barriers to entry as well as the now more manageable costs of execution RaaS are impacting a broad range of businesses. As more players can effectively deploy ransomware attacks, storehouses to the broadest datasets will inevitably be targeted.
According to PurpleSec “85% of MSPs report ransomware as a common threat to small to mid-sized businesses. ”
In a simpler time, small businesses may have hoped ransomware attacks would be limited to better-funded contemporaries. Recent data from HelpnetSecurity indicates nearly half of SMBs have been targeted by ransomware with 73% of those organizations giving in and paying some ransom. Today, every organization, regardless of size, security implantation, or public persona, is at risk of devastating ransomware attacks.
New Reality, Same Foes
The rise of RaaS has forced IT and cybersecurity professionals to reassess who is at risk and what we all need to do to close the gaps. From employee cyber education and basic system updates to implementing the best and most holistic cyber solutions to meet your organization's needs, there is an ever-growing list of opportunities to optimize your cyber defense and empower those people driving it to minimize their collective attack surface.
The key to take from the increased reliance on RaaS as a vital attack vector, much like any other notable cyber risk, is that a dynamic multifaceted cyber defense is the only solution to effective data protection.
With the decreasing price points and ability to outsource ransomware attacks, everyone is at risk, but more importantly, everyone can now internalize that cyber risk and devastating attacks can impact any business, regardless of size, output, or assets, and create the policies and tangible skills to keep them safe.
