Ransomware as a Service, the new cybercriminal gig economy that’s taking over computers worldwide
Microsoft has been tracking ransomware and cybercrime signals by the millions every single day. Billions of cyberattacks have been stopped in their tracks thanks to their protections. However, they are now warning of the new emerging trend amongst hackers… Ransomware as a Service.
RaaS is typically human-operated ransomware. This means the software, which often is automated, is instead directed by a live person, in turn making the attack increasingly more effective.
By being human operated, ransomware, malware, or the viruses used by hacking groups can now be pivoted and adapted to test additional routes to data breach success. They can also better utilize social engineering in order to coerce information from targets.
As the world has turned more towards gig work and a gig economy, so has the underground depths of the dark web.
Attacks are growing to typically include double extortion on payments from victims now. The lockout methods hackers are using against victims are becoming increasingly more complex as well. Cyberanalysts say that often attackers will remain on breached networks in secret even if ransom is paid in order to extort the same victims again in the future.
Read Microsoft’s full report here:
a. The RaaS affiliate model explained
b. Access for sale and mercurial targeting
a. Exfiltration and double extortion
b. Persistent and sneaky access methods
a. Building credential hygiene
b. Auditing credential exposure
c. Prioritizing deployment of Active Directory updates
d. Cloud hardening
e. Addressing security blind spots
f. Reducing the attack surface
g. Hardening internet-facing assets and understanding your perimeter
Here are some cybersecurity tips to consider when keeping yourself safe online: