Report: 60% of orgs hit by ransomware-as-a-service attacks in the past 18 months

Enterprise

Products You May Like

According to a new report from U.K.-based cybersecurity company Sophos, ransomware-as-a-service attacks became more popular in the past 18 months. Of the hundreds of ransomware attacks Sophos investigated during that time, nearly 60% were perpetrated by ransomware-as-a-service groups.

Such attacks, where one group builds the malicious code and sells it to another group to use in the virtual breaking-and-entering of a vulnerable enterprise or organization, are growing increasingly sophisticated. Over the last two years, Sophos has observed a growing trend where malware developers lease their code to attackers to do the dirty work of breaking into an enterprise company’s network and holding its systems or data hostage until a ransom is paid.

The Conti brand of ransomware-as-a-service, which the FBI said in May had attacked 16 medical and first responder networks, was the most popular type of ransomware deployed during that time.

Pie chart. Ransomware families investigated by Sophos Rapid Response, 2020-2021. Conti infection rate portends the expansion of the RaaS model. Nearly four in five calls to Sophos Rapid Response service came as the result of a ransomware attack, and among those calls, Conti was the most prevalent ransomware we encountered at 16% of engagements. The next most frequent were the three Rs -- Ryuk, REvil, and Ragnarok -- who together accounted for the next 28% of attacks. Among the remaining 56% of incidents, we encountered ransomware under 39 different names.

The report notes that some malware developers even create their own attack playbooks and make them available to their affiliates. As a result, different attack groups end up implementing very similar attacks. The more that specialist ransomware programmers outsource their malicious code and infrastructure to third-party affiliates, the more the size and scope of ransomware delivery methods will grow.

It is no longer enough for organizations to assume they’re safe by monitoring security tools and ensuring they’re detecting malicious code. IT teams need to understand the evolution of ransomware, and specifically the growing ransomware-as-a-service trend, in order to develop effective cybersecurity strategies for protecting their organizations in 2022 and beyond.

Sophos compiled the data in the report from a statistical analysis of the hundreds of ransomware attacks and hundreds of thousands of malware samples its threat researchers and response teams investigated in the past 18 months.

Read the full report by Sophos.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Products You May Like

Articles You May Like

North Korean Hackers Target Developers with Malicious npm Packages
New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
Redmi 14C With 6.88-Inch LCD Screen, MediaTek Helio G81 Chipset Launched: Price, Specifications
Here’s How AI is Helping Astronomers to Understand Universe’s Fundamental Parameters

Leave a Reply

Your email address will not be published. Required fields are marked *