UPDATED 23:48 EDT / SEPTEMBER 21 2017

INFRA

The rise of ransomware as a service fuels hackers looking for a quick buck

The rise of ransomware as a service is fueling attacks worldwide by hackers looking to make a quick buck, according to a new research report.

The research, undertaken by the Carbon Black Inc. Threat Analysis Unit analyzed more than 1,000 ransomware samples and found that attackers are looking to make quick, easy money by using unsophisticated malware combined with sophisticated delivery methods to target the largest number of potential victims as possible. “Our analysis reveals the majority of ransomware attacks are guided by simple economics and likely derive from unsophisticated actors who often leverage pre-existing do-it-yourself attack kits purchased from the dark web,” the company told SiliconANGLE.

Explaining how the ransomware scene has evolved using the RaaS model to allow even unsophisticated attackers to launch campaigns, the research found that most ransomware samples evaluated are designed to run in place without the need for installation of configuration. “Ransomware code is less complex than many other forms of malware,” the researchers said. “A basic ransomware sample simply needs to traverse folders and encrypt files using standard Windows routines. There is very little coding involved to make ransomware, and much of that code can be sourced from other online projects.”

The market as it now exists is described as having attackers playing a “numbers game” to launch a mass set of attacks against the largest vulnerable population possible. RaaS, along with bitcoin, have lowered the entry to wannabe attackers, allowing an “an adversary with no technical experience the ability to easily sponsor a ransomware campaign with available funds. These ‘spray and pray’ attacks often rely on spamming and phishing campaigns to guarantee a small percentage of infections to extort money,” often “requiring just one person to execute the payload for a successful attack.”

Another interesting takeaway from the research is that include that 99 percent of all ransomware attacks target Microsoft products with Mac users virtually untouched. The majority of ransomware samples tested were written in English with followed by French, German, Chinese, Japanese and Russian.

The Carbon Black researchers also warned that the trend toward “rudimentary ransomware” speaks to the current state of cyberdefense, in particular enterprises focusing more on advanced, targeted attacks while seemingly overlooking routine “blocking and tackling” required to stop attacks that have limited sophistication.

“Traditional defenses are heavily skewed to detecting and blocking malicious files downloaded to a computer system,” they conclude. “A reliance on this method distracts defenders from seemingly legitimate applications exhibiting malicious behavior.”

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU