RaaS: The evolving threat of ransomware as a service should be seen as a big worry.
When former US President Donald Trump dismissed the sophisticated Russian hack of the US elections by saying that it ‘could be somebody sitting on their bed that weighs 400 pounds’ he was playing into the mistaken, but commonly-held belief about cybercriminals that they are these weird, loner outcasts who need to get outside more.
Nothing could be further from the truth. The modern cybercriminal is part of a sophisticated, global industry that is going from strength to strength.
One of the unexpected lessons learned during the difficult past twelve months is that cybercrime has become professionalised to the point that criminal gangs are actually outsourcing their services to other less tech-savvy bad actors.
The influential tech blog ZDNet recently wrote that “Ransomware as a service is proving effective for cyber criminals who want a piece of the cyber-extortion action but without necessarily having the skills to develop their own malware, with two out of three attacks using this model.”
This particular way of working is believed to be the model employed during the recent FatFace hack, which showed up the clothing retailer as having been less than honest with their customers about their stolen data. (add link to previous story)At one point, the company appears to have hired a ransom negotiator to speak to the hackers, which led to the bizarre situation where neither the victims of the crime or the attackers were in negotiations; both had outsourced the services to paid professionals.
The scale and ambition of the attacks from these professionals is becoming more and more brazen. No company is too big for them now, as evidenced by the news of the latest attack on the world’s most valuable company: Apple.
Wired magazine reports: ‘On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products, and that they would sell the data to the highest bidder if they didn’t get a $50 million payment. As proof, they released a cache of documents about upcoming, unreleased MacBook Pros.’
In terms of brazen and bold statements of intent, it doesn’t get bigger than that.
If we can get to Apple, they seem to be saying, we can get to anyone.
The threat to release secret files onto the open web is a fairly recent development in cybercrime. In the past, companies were simply locked out from using their files and systems, but the added threat of disclosing plans and leaking secrets has given them added leverage and made it harder to resist for victims.
In an interview with CIOAfrica.com, the CiSo of multi-national corporation Old Mutual, Kerissa Varma, noted that “Globally cyberthreats have grown. It’s the same threats…not something fantastic that has come up, but it’s the scale of it that’s new.
What came to the fore last year was Ransomware-as-a-service….Bad actors dont have the time or tech capability to launch these attacks so they outsource them. It’s gotten so bad that some of these companies are now guaranteeing revenue from these attacks. They are saying I will improve your current revenue by 30%. It’s highly organized and professional, they even have a call centre and help guide to paying the ransom…networks that are starting to become normal.’
There’s never been a bigger need for well-organized cyber defences. Small companies are way more likely to be targeted by gangs who come and go before you can do anything about it.
Yet, ironically, the measures that one needs to take to prevent an attack are simple and effective. The attacks themselves haven’t fundamentally changed, it’s just the scale of it. If you practice good web hygiene, you should be safe.That means strong passwords, no sharing, two-factor authentication where possible. When you stick to the basics, you are not seen as a target and the predators are likely to move on to easier targets
To find out more about how 2|SEC can help you stay safe, get in touch with our business development team today.