DailyPost 457
COMMODITIZING RANSOMWARE – AS A SERVICE
Modern business landscape has a paradigm shift to Subscription Economy. This model is not limited to Netflix & Spotify, Ransomware-as-a Service has gained currency. This system allows anybody with a internet connection, regardless of their technical literacy, to purchase powerful ransomware via the Dark Web & carry out devastating encryption attacks. Ransomware is a malware designed to encrypt files & render them inaccessible till you pay the ransom asked for, through bitcoin.
Ransomware has become the most favoured tool of hackers in 2017. In Police parlance, it’s kidnapping with ransom, instead of a human being, data is held hostage. The average ransomware demand has tripled between 2015 to 2016 rising from $294 to $1,076 and for sure is on the rise.
The ransomware attack vector can be broken down to; downloading malicious attachments & clicking on malicious links within emails. Both these require action at the users end & thus the most preventable methods of infection. Phishing is the most preferred mode. Drive-by downloads, which infects the system without the users knowledge &barrage attacks against RDP servers, infecting servers are the dangerous ways.
Ransomware attacks have exploded. As per SonicWall, it has increased at an astonishing 167 times over the course of one year, from 3.8 million in 2015 to 638 million in 2016. The examples of successful infamous Ransomware-as-a-Service are Satan, Philadelphia, Cerber & MacRansom.Four industries account for 77% of ransomware attacks: business & professional services – 28%, government – 19%, healthcare – 15% and retail – 23%. User awareness, alertness & proficiency & backups is a must. Keep minimum three copies of data on at least two different types of storage. At least, one should be off premises. Ideally, all these copies should be identical & updated in real time.
RANSOMWARE-AS-A-SERVICE IS DIGITAL UNDERWORLD’s ULTIMATE BUSINESS MODEL.
Sanjay Sahay