Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we discuss the growing concern about ransomware-as-a-service among organisations across the globe.

In 2018, a ransomware attack called FilesLocker was launched, targeting Chinese and English speaking victims. It was presented as a service, allowing affiliates to sign up, refer prospects, and earn commissions. The program advertised that affiliates could earn a 60 percent share of all ransom payments. If the affiliate drove enough traffic, this commission could increase to 75 percent. This revenue model is called ransomware-as-a-service (RaaS).

RaaS is a criminal offshoot of the SaaS model, where cybercriminals develop highly sophisticated ransomware and sell it to conspirators willing to launch attacks in exchange for financial gain.

RaaS is a big threat today because it enables almost anyone to execute a cyberattack without writing their own code. Once cybercriminals breach a system and steal valuable data, they need to target a buyer—most often a business—to sell the stolen information for a negotiated price. Much like SaaS applications, RaaS adopts a cloud-based subscription model. RaaS developers use affiliate workflows to collect details about the ransom brought in by the affiliates; then they take a percentage of the ransom received, and pass on the remainder to the affiliate.

With that being said, here are five interesting reads about the rising notoriety of RaaS and its impact on businesses.

  1. What Is Ransomware-as-a-Service? Understanding RaaS
    In the past, launching a ransomware attack required some technical abilities, including coding skills; however, now ransomware-as-a-service is changing the game for cybercriminals.

  2. Ransomware-as-a-Service: Hackers’ Big Business
    As the popularity of ransomware increases, cybercriminals seek more ways to exploit the malware they develop. Through RaaS, cybercriminals place their ransomware for sale so it can be purchased and leveraged by other criminals who do not have the technical or coding skills to develop the malware on their own.

  1. 4 Ransomware Trends to Watch in 2019
    Ransomware attacks have expanded beyond health and government into organizations of all types. This informative article discusses the anticipated trends in ransomware for 2019.

  2. RaaS: Satan’s business model
    The latest ransomware-as-a-service tool, the Satan RaaS platform, touts that it offers “quality” ransomware. This platform makes it easy for cybercriminals without coding experience to use the creation to take advantage of businesses. Even as ransomware attacks are increasing dramatically, there are steps companies can take to protect themselves.

  1. Cryptomining, Ransomware-As-A-Service On The Rise: Study
    Businesses are recognizing that they need to pay attention to emerging security threats, such as cryptomining and ransomware-as-a-service. In 2018, cryptominers attacked 10 times more organizations than ransomware attackers, but only one in five IT professionals are aware of cryptomining infections, according to Check Point’s 2019 Security Report.

With the RaaS industry growing rapidly, organizations need to have a diligent data back up process to protect and restore corporate data in the event of an attack, and they also need an incident reponse and business continuity plan in place. Additionally, it’s important to inform the workforce about basic cybersecurity hygiene, such as patching vulnerabilities, conducting periodic data backup, blacklisting dark applications and suspicious emails, and other strategies. 

IT teams need to implement periodic upgrades, including hardware and software system patching, to bolster their defenses. Employing a unified endpoint management solution fortifies organizations’ security perimeters and protects business endpoints from being affected by ransomware. This way, businesses can automate and streamline standard endpoint management workflows, proactively detecting, preempting, and repelling security threats in real time.

Cybercriminals hone their attacks based on the evolving security loophole landscape. To ensure businesses remain protected, IT teams need a well-rounded, layered security approach to be able identify, counter, and contain attacks promptly and efficiently.