Many Insurance Agencies wait until they're breached or fined before they fix their cybersecurity.


Ransomware as a Service, the new cybercriminal gig economy that’s taking over computers worldwide

Microsoft has been tracking ransomware and cybercrime signals by the millions every single day. Billions of cyberattacks have been stopped in their tracks thanks to their protections. However, they are now warning of the new emerging trend amongst hackers… Ransomware as a Service.  

RaaS is typically human-operated ransomware. This means the software, which often is automated, is instead directed by a live person, in turn making the attack increasingly more effective.

By being human operated, ransomware, malware, or the viruses used by hacking groups can now be pivoted and adapted to test additional routes to data breach success. They can also better utilize social engineering in order to coerce information from targets.

As the world has turned more towards gig work and a gig economy, so has the underground depths of the dark web.

Attacks are growing to typically include double extortion on payments from victims now. The lockout methods hackers are using against victims are becoming increasingly more complex as well. Cyberanalysts say that often attackers will remain on breached networks in secret even if ransom is paid in order to extort the same victims again in the future.

Read Microsoft’s full report here:

1. How RaaS redefines our understanding of ransomware incidents

a. The RaaS affiliate model explained

b. Access for sale and mercurial targeting

2. “Human-operated” means human decisions 

a. Exfiltration and double extortion

b. Persistent and sneaky access methods

3. Threat actors and campaigns deep dive: Threat intelligence-driven

response to human-operated ransomware attacks 

4. Defending against ransomware: Moving beyond protection by detection

a. Building credential hygiene

b. Auditing credential exposure

c. Prioritizing deployment of Active Directory updates

d. Cloud hardening

e. Addressing security blind spots

f. Reducing the attack surface

g. Hardening internet-facing assets and understanding your perimeter

Here are some cybersecurity tips to consider when keeping yourself safe online:

Worried your current or lack thereof of cybersecurity practices are putting you and your company at risk? Call us today for a FREE Cybersecurity Risk Assessment where we’ll tell you if you’re Cyber Smart or unprepared. 646-374-1820.