Ransomware is a form of cyber-attack that encrypts a victim’s data until they pay a financial reward to the attacker - i.e. a ransom. In recent years a business model called RaaS – Ransomware-as-a-Service – has risen in popularity, with the majority of cyber-attacks in 2020 being RaaS attacks. Here’s an overview of why they’re so popular, and how you can avoid them.
RaaS – an overview
RaaS stands for Ransomware-as-a-Service. Its “superpower”, if you will, is that instead of a cybercriminal taking the time to write their own ransomware, they can purchase it on the dark web from a RaaS provider. The RaaS provider then takes a cut of the victim’s ransom upon providing the decryption key. This enables ransomware attacks to be carried out with greater frequency; criminals no longer need to be coders to perform cyber-attacks.
It’s also the ultimate win-win for the developers and the affiliates executing the attack. The ransomware developers will often have their affiliates on a recurring monthly fee (like SaaS) with some affiliates earning up to 80% of each ransom payment. To add to the professionalism, affiliates are typically supplied with onboarding materials and sometimes even a dashboard for monitoring the success of each infection attempt.
As with most cybercrime, RaaS attacks are carried out via phishing scams: emails designed to trick a recipient into granting access or handing over personal information. Should a user download the ransomware, the infection can spread fast. It can disable firewalls and even take hold of the entire business’s IT. It should also be noted that paying the ransom is never wise. Typically, criminals can’t be bothered to provide a decryption key to those who pay. This is why the FBI advises against paying ransoms. Therefore, the best thing you can do is to put measures in place that prevent RaaS attacks from ever happening in the first place.
Ways to protect against RaaS
Cyber Security training
Since nearly all ransomware attacks begin with phishing, first and foremost you need to ensure your employees can spot a phishing scam a mile off. Cyber security training ensures your first and weakest line of defence – people – are vigilant and not putting your business in danger.
Zero Trust security
This is the philosophy of not trusting anything by default. It involves rigorous examination before any device, IP address, application or anything else that interacts with your IT is approved. It can be implemented via a range of techniques, such as application whitelisting and careful monitoring of your systems.
Principle of least privilege
Similar to Zero Trust, granting every user as little access as possible will help limit the damage a ransomware attacker can do. When a criminal breaches a user’s account, they have access to whatever that user has access to. There’s little point in a junior team member having the same level of access as a system administrator. There may even be little point in a CEO having administrator access. So make sure you give your employees – and cyber criminals – as little access to your company data as possible.
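To make the "blast radius" idea concrete, here is an added example (not part of the original article) that models a small role-based access policy and computes which data an attacker could encrypt after compromising a given account. All users, roles and resource names are constructed sample data, and the policies compare a CEO who was given the sysadmin role "just in case" with a least-privilege version.

```python
# Added example, not from the original article: estimate the blast radius of a
# compromised account under a role-based access policy. Every user, role and
# resource below is constructed sample data, not a real environment.
from typing import Dict, Set

# Role -> resources the role can write to (and therefore encrypt).
ROLE_WRITES: Dict[str, Set[str]] = {
    "junior":   {"team-share"},
    "finance":  {"team-share", "finance-share"},
    "sysadmin": {"team-share", "finance-share", "backups", "domain-controller"},
}


def blast_radius(user_roles: Dict[str, Set[str]], user: str) -> Set[str]:
    """Resources an attacker can encrypt after taking over `user`'s account."""
    reach: Set[str] = set()
    for role in user_roles.get(user, set()):
        reach |= ROLE_WRITES.get(role, set())
    return reach


def over_privileged(user_roles: Dict[str, Set[str]], user: str,
                    needed: Set[str]) -> Set[str]:
    """Resources `user` can reach beyond what their job actually needs."""
    return blast_radius(user_roles, user) - needed


# Constructed policies: the CEO holds the sysadmin role "just in case" ...
BEFORE = {"alice": {"junior"}, "ceo": {"finance", "sysadmin"}}
# ... versus least privilege, where the CEO keeps only the finance role.
AFTER = {"alice": {"junior"}, "ceo": {"finance"}}

if __name__ == "__main__":
    for label, policy in (("before", BEFORE), ("after", AFTER)):
        print(label, "ceo reach:", sorted(blast_radius(policy, "ceo")))
    print("excess:", sorted(over_privileged(BEFORE, "ceo",
                                            {"team-share", "finance-share"})))
```

Removing the unnecessary role keeps backups and the domain controller out of reach of a phished CEO account, which is exactly the damage limitation the section describes.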
There are many ways to protect yourself from a RaaS attack, and a great deal of resources can be invested in security. But if you’re looking for the first step to take, and the one most likely to deliver the greatest reward, cyber security training is the ideal choice. Protect yourselves with a cyber security solution and reinforce your human firewall with our Cyber Security Training service.