Ransomware-as-a-Service (RaaS) has been growing in popularity with hackers as it makes extortion more accessible. Criminals don’t need to develop the ransomware themselves, instead, they can purchase it from certain ransomware groups who create it to sell via a subscription model.
What is leaking-focused RaaS?
Until recently, most RaaS was mainly used by hackers simply to hold a company’s data hostage until a ransom is paid to release it, however their tactics are changing. One of the biggest evolutions in this space is the use of double extortion. That means the hackers will not only demand money to release the data back to the victim, they will also require the company to pay them not to sell the data on the black market. In fact, many RaaS programmes now even offer several extortion support offerings, including leak site hosting.
New trends in RaaS
The next evolution of this trend is that hackers will likely skip the encryption part of the process altogether, and instead use ransomware to steal a company’s data to immediately sell on the dark web. By doing this, they don’t need to worry about keeping ransomware – that could be detected and removed – running on a network. Yet, they can still make money from the data.
For companies, this means that they shouldn’t just be monitoring for malicious software, but also for any intruders on their network.
How to prevent a RaaS attack
The best way to protect your business against ransomware is to practice basic cybersecurity best practice, including:
- Keeping all your software updated
- Educating your staff about how intruders can access networks, and the implications if they do
- Making sure you use specialist ransomware detection and protection software
- Expanding your cybersecurity processes to monitor for intruders on the network, not just malicious software