Anyone with access to the Dark Web can buy readily available ransomware kits for less than $100. With ready-made packages available to any cybercriminal, it’s no surprise why this attack technique has proliferated
Daniel Normal, Senior Solutions Analyst at the ISF
Ransomware has evolved into a significant threat for all types of organizations. How and why is it such a pervasive issue, and how can organizations better defend themselves against it?
Organizations face a variety of cyberthreats, from phishing campaigns to malware to Distributed Denial of Service (DDoS) attacks to brute force attacks and more. But ransomware seems to strike a special type of fear among victims. Perhaps that’s because an organization hit by ransomware suffers on many different levels—loss of critical data, financial repercussions, loss of trust among customers, damage to reputation, and an overall sense of embarrassment at being victimized this way.
Ransomware can affect any organization, large or small, including businesses, schools and educational facilities, hospitals and healthcare providers, government agencies, and non-profit entities. Further, cybercriminals who deploy a successful ransomware attack do so in phases, many of which require planning, stealth, and cunning.
Why has ransomware become such a major threat?
Ransomware began to emerge in the early 2010s in large part due to the rapid improvements in the processing power of computers, according to Mahadik. Computers are now so powerful that they can encrypt their own files in just a few hours, which means that criminals can carry out an attack relatively quickly without getting caught.
Further, ransomware goes far beyond just a few sophisticated criminal groups who level attacks at large organizations, according to Daniel Norman, senior solutions analyst at the Information Security Forum. Anyone in the world can now buy and deploy different strains of ransomware designed for various operating systems, technologies, and products.
“The market for ‘ransomware-as-a-service’ has boomed over the last few years,” Norman told TechRepublic. “Anyone with access to the Dark Web can buy readily available ransomware kits for less than $100. With ready-made packages available to any cybercriminal, it’s no surprise why this attack technique has proliferated.”
Other niche players have paved their own roads to ransomware, according to Norman. Initial access brokers acquire and advertise access to compromised networks. Ransomware affiliates help ransomware operators expand their capabilities. Ransomware groups have also posted messages on Dark Web forums looking to recruit people with network access or penetration testing skills.