Research from McAfee reveals that cyberthreats in nearly all countries have surged during the pandemic. The US had a 61% increase in targeted attacks when compared to Q4. Why? Malware is moving to the cloud. Akamai found a 40% increase in internet service consumption, which rolls into a 400% increase in traffic to websites associated with malware.
But also important… Ransomware as a service. The Dharma operation is offering an entire crime as a service system, where developers manage the development and the ransomware payment system, while the affiliates focus on compromises and deployment. The developers earn between 30-40% of any ransom payments, leaving the rest for the affiliates.
This expands the operation beyond the traditional interview and private nature of ransomware groups.
Sophos reports these work – 85% of the attacks are used to expose remote desktop protocol, or RDP.
Why do we care?
The business model on the criminal side is so successful they are building a service version of it. You seriously have to give them credit – they are outsourcing the scale of this and taking advantage of the circumstances.
Understand your adversary, because they are faster, smarter, and more agile than you think. Think about this – they have systemized this so well they are now reselling it. They have literally adopted the business model of technology services firms. Be flattered – but also know how difficult this is.
And remember, this is why regulation is coming for the space. Customers are wising up – armed gangs breaking into businesses and holding them hostage, and now they can franchise. Epic.