Let’s start here: cybercriminals are evolving, and they’re evolving fast. What used to be a process of ‘encrypt’ and then ‘exfiltrate’ is evolving towards ‘exfiltrate’ and then ‘extort’. Essentially, cybercriminals follow this process: lock down a system, demand a ransom (typically in Bitcoin), and then provide an encryption key.
As ransomware has evolved, cybercriminals realized that their process to gain access to networks also worked well for exfiltrating data. What’s more, the process allowed them to circumvent backup files standing in the way of receiving ransom from the victim. This process moved cybercriminals towards ‘encrypt and exfiltrate’ –a double extortion scheme turning a standard ransomware attack into a full blown data breach. Basically, instead of just encrypting files, cybercriminals are now stealing them and threatening to release sensitive data if the ransom is not paid on the demanded timeline.
Since cybercriminals have evolved, a study by Coveware found that 77% of ransomware attacks since 2019 have also involved a threat to leak exfiltrated data. This means that beyond ‘encrypt and exfiltrate’, cybercriminals are evolving even further to a process of ‘exfiltrate and extort’.
The answer is simple: RaaS, or “ransomware as a service,” is growing in popularity. Essentially, cybercriminals sell subscriptions to ransomware “solutions,” just like how legitimate developers sell SaaS products. Successful ransoms earn RaaS developers a healthy commission. With the money to be made in this black market business, its popularity is growing fast for obvious reasons.
It’s vital to be proactive and aggressive in your approach to cybersecurity. Cybercriminals are quickly evolving, and so should your organization in order to protect itself.
Hiring an advanced IT team like PK Tech can help protect your organization from unnecessary cybersecurity risk. Questions? Get in touch with us.