News Karnataka
Sunday, October 02 2022

Ransomware ‘service’ creates cottage industry of cybercrime

Ransomware service creates cottage industry of cybercrime
Photo Credit : IANS

New Delhi: As cyber-attacks increase, ransomware-as-a-service (RaaS) has catapulted from a fledgling threat into a force to be reckoned with, significantly lowering the barrier of entry and allowing cybercriminals who lack the technical skills to commoditise ransomware, a new research has warned.

The research found that ransomware’s current dominance is directly linked to the emergence of a technique known as “double extortion”.

The tactic, pioneered by the Maze ransomware group, involves stealing sensitive data from victims and threatening to publish these files on leak websites, while also encrypting the data so that the victim cannot access it, according to the report by Tenable, a cyber exposure company.

“With RaaS and double extortion, Pandora’s box has been opened, and attackers are finding holes in our current defences and profiting from them,” said Satnam Narang, senior staff research engineer, Tenable.

In 2021, “double extortion” ransomware increased by 117 per cent globally.

“CERT-In noted that the country witnessed double the ransomware attacks in 2021 compared to 2020, leading to more organisations paying ransoms,” Narang informed.

Ransomware groups have recently added a variety of other extortion techniques to their repertoire, including launching distributed denial-of-service (DDoS) attacks to contacting customers of their victims, making it even more challenging for defenders.

These tactics are part of the ransomware gangs’ arsenal as a way to place additional pressure on victim organisations.

In 2020 alone, ransomware groups reportedly earned $692 million from their collective attacks, a 380 per cent increase over the previous six years combined ($144 million from 2013-2019).

Affiliates who earn between 70-90 per cent of the ransom payment, are charged with the task of doing the dirty work to gain access to networks through tried and true methods such as spearphishing, deploying brute force attacks on remote desktop protocol (RDP) systems, exploiting unpatched or zero-day vulnerabilities and purchasing stolen credentials from the dark web.

Affiliates may also work with IABs, which are individuals or groups that have already gained access to networks and are selling access to the highest bidder.

Their fees range on average from $303 for control panel access to as much as $9,874 for RDP access, said the researchers.

Read more:

US National Rifle Association confirms 2021 ransomware attack

Ransomware attack shuts thousands of school websites globally

Ransomware 2 | Infoscope with Vibha Rao

Ransomware | Infoscope with Vibha Rao!

Share this:
Support NewsKarnataka's quality independent journalism with a small contribution.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Leave a Reply

Your email address will not be published.

Visit 7Jackpots and find the best online casinos in India! Play the most popular casino games for real money!

Find the best odds at 10Cric and ipl betting 2021! Signup today and get up to a 100% deposit bonus.

To get the latest news on WhatsApp