Ransomware as a Service: What to Know and How to Combat It

You may be surprised to know that Hollywood has created over 88 films centered on hacking and/or the Dark Web between 1969 and 2017. If you are interested in the entire list check it out at a Cybersecurity Ventures post here. Most of these movies sensationalize the hacker lifestyle and, at once both glamorize and horrify the viewer regarding what’s available on the Dark Web. But even with all of Hollywood’s unbridled imagination, they haven’t (yet) shown that an “as a service” market is very active there.

X as a Service Evolves

There was a period in the late 1990’s when it seemed like every headline announced a new cloud-based service. Thus was born the “as a service” market (XaaS) where everything was offered to ease your administrative burdens and lower your costs for platforms (PaaS), infrastructure (IaaS) and software (SaaS). According to ZDNet editor, Charles McLellan,

“There are now thousands of SaaS applications, available from internet giants to startups, along with services from rather fewer providers of the other two key pillars of cloud computing: platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS).”

So, is it really a surprise that cyber criminals would at some point jump on this wagon and offer ransomware as a service (RaaS)?

The Dark Web Strikes Again

Unfortunately, the Dark Web is not just a figment of Hollywood’s imagination.  It is a real place where real criminals make real money (or bitcoins). It is also the staging ground for RaaS offerings.

RaaS is really financially very lucrative.  According to a recent Security Magazine article by Mounir Hahd,

“The cost associated with RaaS is varied. In 2016, criminals released ransomware variant Stampado on the Dark Web for a mere $39, one of the first widespread and cost-effective instances of RaaS. This price tag not only let would-be hackers purchase the ransomware at an exceedingly low cost, but it also provided a lifetime license, essentially enabling anyone with $39 to instantly become a lifelong hacker as they wished.

Other ransomwares charge no upfront fee, opting instead to take a percentage of whatever ransom the malware receives when it is put into action. A customer only has to provide their means of distribution to ensure the creator behind the ransomware gets their cut. This approach often has lucrative effects – as of late 2016, the notable RaaS operation Cerber was estimated to be earning $200,000 a month.”

You should expect this trend to only continue as it profits for these bad actors increase and organizations still fail to adequately prevent all forms of zero-day threats.

How to Combat RaaS

You need a solution that uses Multi-Tier protection to defend against attacks at different levels of the stack. It needs to take a comprehensive approach that's powerful, as evasion techniques may spread across different layers. You need a solution that protects against advanced malware by using deep inspection that analyzes commands at the CPU level, all the way up to the application level, analyzing macros and embedded JavaScripts in Microsoft office or any other data file types whether on premise or in your public or private clouds.

Learn more here.