"Ransomware-as-a-Service: The Cloud Model Escalates Ransomware Attacks"

Cybercriminals are leveraging cloud services through ransomware-as-a-service (RaaS). A recent Venafi report found that in addition to a wide range of ransomware at different price points, there are also various services and tools that help threat actors with minimal technical skills launch ransomware attacks. Source code, build services, custom development services, and ransomware packages with step-by-step tutorials are among the services with the most listings. According to Joseph Carson, chief security scientist and advisory CISO at Delinea, ransomware is an increasingly important part of the proficiency of organized cybercrime, and this affiliate model of ransomware has caused attacks to grow in frequency and sophistication, thus leading to greater damage for victims. Carson explained that for RaaS to be successful, multiple parties must play different roles. Ransomware creators distribute the software to a network of cybercriminals, who then target victims and deploy the ransomware. When the ransom is paid, the cybercriminals pay a royalty to the original creator. Criminal 'help desks' and 'end user support' services often collect royalties by negotiating the ransom demand and assisting the victim in purchasing bitcoins or other popular cryptocurrencies used to pay the ransom. The creator of the ransomware has more opportunities for success with less risk in this model. If one affiliate is discovered or the ransom is not paid, there are numerous other ways to make money. All partners must play their roles while not informing or leaving a trail back to the others. RaaS is popular because ransomware attacks remain prevalent. However, cloud platforms have long been used to distribute malware. Threat actors use trusted public cloud platforms to weaponize consumer trust in those services, creating accounts on free tiers to host malware and launch attacks with no financial output. RaaS is just one type of "malice-as-a-service" platform that represents the progression of the malware industry. This article continues to discuss the concept of RaaS, how the RaaS model has changed ransomware attacks, and how to combat RaaS-derived attacks. 

Security Boulevard reports "Ransomware-as-a-Service: The Cloud Model Escalates Ransomware Attacks"