Ransomware as a Service

March 1, 2017 | Views: 5407

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

As if your network security staff does not have enough to worry about already, now anyone can get in on the ransomware game. Now, we have variants of RaaS (Ransomware as a Service) to worry about. This allows anyone who wants to profit from ransomware to start their own ransomware campaign with the help of a “Do it yourself” [DIY] program. The program’s creators teach and allow anyone to set up their own criminal enterprise. In exchange for hosting the site and services, they take a percentage of the payments paid by the victims. How delightful! (That was sarcasm in case you didn’t catch that…)

The fear is that these RaaS sites could cause incidents of ransomware attacks to increase. As long as organizations and individuals keep paying, the attacks will continue and more and more people will get in on the game. Your organization cannot afford to ignore the possibility of ransomware attacks. At this point, it is not an “if”, but when scenario. At some point, your organization will get hit with ransomware.

Make sure you have as much security in place as your organization can afford to protect yourself. Make sure you have multilayered security with firewalls, spam filters, web filters, IDS/IPS, NAC and keep your antivirus/antimalware up to date. Follow security best practices and make sure your users have just enough access to do their jobs. Also, remember to keep your staff educated about phishing scams and tech support scams. Companies and individuals also need to stop paying the criminals and make these attacks less profitable. Make sure you have a good backup and disaster recovery plan in place and test it regularly. If you need help, hire a security and disaster recovery expert.

If we stop paying these criminals and rewarding the bad behavior maybe we can do something to slow down or stop ransomware. For now, this is an ever growing threat and the only option you have is to protect yourself as much as you can and be prepared to restore from backup.


I have provided some links below for more information.

http://blogs.plymouth.ac.uk/strategyandarchitecture/2016/09/23/ransomware-as-a-service/

https://www.helpnetsecurity.com/2017/01/20/satan-ransomware/

https://arstechnica.com/security/2016/01/researchers-uncover-javascript-based-ransomware-as-service/

https://blog.cyren.com/articles/new-cerber-ransomware-as-a-service-causing-fresh-outbreaks.html

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-as-a-service-ransomware-operators-find-ways-to-bring-in-business

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel