In the world of security, the odds are already stacked against you. You have to get security right 100% of the time and a threat actor only needs one lucky shot to get past your defenses. That’s bad. When it comes to ransomware, it gets worse.
Volume. Sheer volume. Sheer volume of attacks.
You take the odds mentioned above and you multiply that by an exponential volume of attacks and you can see why this problem is increasing at an exponential rate. Here is one reason that is happening: ransomware-as-a-service. That’s right, they have a full distributorship model of this stuff out there that allows the threat actor groups to have a “sales team” of less skilled attackers running their ransomware campaigns for them.
This is explained in the recent Forbes article, The Emerging Ransomware-As-A-Service Economy:
Add to that ransomware is now a service, said Jennifer Ayers, Senior Director, OverWatch and Security Response at CrowdStrike, who also presented. That means only a few people are needed to create the new and more sophisticated ransomware we’re seeing today. “What they then do,” she said, “is give the affiliates a copy of the ransomware, and allow them to engage in attacks on the behalf of the ransomware operator. The way that works is that the ransomware operators incentivize the affiliates with something along the lines of a 60/40 or 70/30 split, where the affiliate keeps approximately 60 to 70% of the proceeds and the operator keeps the other 30 to 40%. What this has done is exponentially increase the volume of ransomware attacks. There are now a lot more attacks, and one of the primary reasons for that is the number of affiliates that have entered the criminal marketplace.”
The article has lots of additional information as well as helpful prevention tips, so be sure to check it out.