RaaS, double extortion driving ransomware attacks, pushing up industrial cybercrime

Tenable says that the advent of ransomware-as-a-service (RaaS) is one of the main reasons why ransomware has advanced from a fledgling threat into a force to be reckoned with. The service model has significantly lowered the barrier of entry, allowing cybercriminals who lack the technical skills to commoditize ransomware.

In its latest research titled ‘The Ransomware Ecosystem,’ Tenable discloses that “RaaS is a service model, just like Software‑as‑a‑Service, where instead of providing access to legitimate software applications, ransomware groups provide the malicious software (ransomware) and infrastructure necessary to facilitate ransomware attacks while relying on third parties, known as affiliates, to do the actual dirty work of gaining initial access into an organization before deploying the ransomware.”

The research also flagged that ransomware has become a self‑sustaining industry. “Previously, attacks were perpetrated by the same ransomware groups that developed and propagated the malware, but the advent of RaaS has attracted multiple players. Each has a vital role, making up what we refer to as the ransomware ecosystem. Outside of the ransomware groups, the other key players include affiliates and initial access brokers (IABs),” it added.

Tenable evaluates that RaaS was just the beginning, as ransomware’s current dominance is directly linked to the emergence of a technique known as ‘double extortion.’

Since double extortion was introduced, most ransomware groups have incorporated it into their attacks, hosting their leak websites on the dark web, Tenable said. “While there have been some efforts to curtail ransomware attacks over the years, such as law enforcement

Read more

Explore the site

More from the blog

Latest News