Ransomware as a Service

Ransomware as a Service is a cybercrime business model where ransomware operators write software and affiliates pay to launch attacks using said software.[1]

Affiliates do not need to have technical skills of their own but rely on the technical skills of the operators.[2]

Microsoft Threat Intelligence Centre(MSTIC) regards RaaS as different from previous forms of ransomware as it no longer has a tight link between tools, initial entry vector and payload choices.[3] They regard them as having a double threat - both encrypting data and exfiltrating it and threatening to publish it.[3]

Examples of RaaS kits include Locky, Goliath, Shark, Stampado, Jokeroo and Encryptor.[1]

References

Baker, Kurt (2023-01-30). "Ransomware as a Service (RaaS) Explained How It Works & Examples". Crowdstrike. Retrieved 2023-02-11.
Palmer, Danny (2021-03-04). "Ransomware as a service is the new big problem for business". ZDnet. Retrieved 2023-02-11.
"Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself". Microsoft Threat Intelligence Centre. 2022-05-09. Retrieved 2023-02-11.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[crowdstrike-raas-1] Baker, Kurt (2023-01-30). "Ransomware as a Service (RaaS) Explained How It Works & Examples". Crowdstrike. Retrieved 2023-02-11.

[zdnet-raas-2] Palmer, Danny (2021-03-04). "Ransomware as a service is the new big problem for business". ZDnet. Retrieved 2023-02-11.

[mstic-3] "Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself". Microsoft Threat Intelligence Centre. 2022-05-09. Retrieved 2023-02-11.