We often dig deeply into the details of specific strains of ransomware. However, sometimes we like to try and engage a wider audience by hitting the basics. Today, we’re going to get back to basics and talk about ransomware-as-a-service.
You’ve probably heard about something “As-A-Service” before. The term most often comes up in relation to Cloud services, and examples include Software-As-A-Service (SaaS – e.g., Microsoft Office 365, Google Apps, etc) and Infrastructure-As-A-Service (IaaS – e.g., Amazon Web Services (AWS), Rackspace Managed Cloud). In short, the “something” is owned by someone else and provided to you when and where you need it.
By simply using the service, someone else can be responsible for its maintenance, security and correct operation.
So Why Ransomware?
All of the above “As-A-Services” seem useful, so why Ransomware-As-A-Service? A quick read of our article on Halloware gives a hint. Writing ransomware is not hard, but ensuring that this malicious software runs stably across every possible distribution of Windows takes significant skill.
Ransomware-As-A-Service is for attackers who don’t want (or lack the technical expertise) to deal with software maintenance and interoperability issues. By outsourcing the technical challenges of writing ransomware, attackers can focus on other issues including distribution and collecting their ill-gotten gains.
What’s the catch? Like most other “As-A-Services”, there’s a cost. Attackers typically have to either pay up-front for their own variant (most common) or pay a portion of each ransom to the original authors.
How Do You Stop It?
Ransomware-As-A-Service is increasingly common. Well-known families include Satan, Halloware, Saturn, and Data Keeper. Unsurprisingly, CryptoDrop was able to stop each and every one of these strains on the first time that we encountered them. Even when such ransomware employs sophisticated mechanisms and defenses, CryptoDrop stops it.
The ransomware space moves quickly. Professional software developers build, maintain and update custom families that regularly evade traditional anti-virus detection systems. That means you need protection beyond what you probably have in place.
Join us – We Stop Ransomware.