Press "Enter" to skip to content

Ransomware as a Service: Franchising and outsourcing for growth

Research from McAfee reveals that cyberthreats in nearly all countries have surged during the pandemic.    The US had a 61% increase in targeted attacks when compared to Q4.     Why?  Malware is moving to the cloud.    Akamai found a 40% increase in internet service consumption, which rolls into a 400% increase in traffic to websites associated with malware.

But also important… Ransomware as a service.     The Dharma operation is offering an entire crime as a service system, where developers manage the development and the ransomware payment system, while the affiliates focus on compromises and deployment.    The developers earn between 30-40% of any ransom payments, leaving the rest for the affiliates.

This expands the operation beyond the traditional interview and private nature of ransomware groups.  

Sophos reports these work – 85% of the attacks are used to expose remote desktop protocol, or RDP.

Why do we care?

The business model on the criminal side is so successful they are building a service version of it.     You seriously have to give them credit – they are outsourcing the scale of this and taking advantage of the circumstances.

Understand your adversary, because they are faster, smarter, and more agile than you think.     Think about this – they have systemized this so well they are now reselling it.  They have literally adopted the business model of technology services firms.      Be flattered – but also know how difficult this is.     

And remember, this is why regulation is coming for the space.   Customers are wising up – armed gangs breaking into businesses and holding them hostage, and now they can franchise.    Epic.

Source: CIO Dive

Source: Bloomberg

Source: Bleeping Computer

Source: MSSP Alert