What Is Ransomware As A Service?: What You Need To Know

August 2, 2021 in Cyber Attacks, Malware

You’ve likely heard of ransomware, the highly profitable cybercrime through which malicious actors gain unauthorized access to sensitive data and hold it hostage in exchange for a ransom, typically paid in cryptocurrency. With that in mind, you’re likely wondering “What is ransomware as a service?” and “How does ransomware as a service work?

What is ransomware as a service?

Or rather, how does ransomware as a service work differently from other ransomware? Simply put, ransomware as a service (RaaS) is an increasingly popular business model in which ransomware developers sell or license their malicious code on the dark web to another bad actor to deploy. It’s modeled after software as a service (SaaS), where software is hosted on a cloud provider and accessed by end-users on a subscription basis. Since the buyers purchasing ransomware as a service don’t actually develop the malware, they don’t need to be particularly skilled or tech-savvy to use it.

How does ransomware as a service work?

Malware developers have opened an additional revenue stream where they outsource malicious code to less talented affiliates, relieving themselves of the cost and effort involved in deploying the attack themselves. As a result, affiliates can extort businesses, governments, and other institutions using expertly developed, tried-and-true malware they didn’t have to design themselves.

The ransomware as a service business model can work in a couple of different ways:

  • Subscription model. This entails an affiliate paying a regular, (usually monthly) fee to a developer, who in turn leases their malware to the affiliate.
  • Affiliate model. Like the subscription model, this also includes a regular fee in addition to a percentage of the funds the affiliate extorts from their targets.
  • One-time licensing fee model. In this model, an affiliate pays a one-time fee in exchange for unlimited use of the ransomware.
  • Profit-sharing model. There’s no upfront fee or subscription in this model. Instead, affiliates agree to pay a continuous cut of the revenue extorted from ransomware victims going forward.

Ransomware as a service can vary in price from double-digits to upwards of hundreds of thousands of dollars, depending on the reputation of the developer and the effectiveness of their product.

Effects of ransomware as a service on ransomware attacks

Ransomware attacks are on ​​the rise because of two primary factors: the growth of the cloud infrastructure brought on by the increase in remote work, and the growing availability of ransomware as a service.

Now, consider how much easier it is for unskilled cybercriminals to launch this type of attack thanks to the ransom as a service model. Researchers estimate that two out of every three ransomware attacks in 2020 were launched by affiliates who obtained the malware through ransom as a service.

Successful ransomware attacks can be financially devastating. This year, one insurance company made a record payout of $40 million to hackers, likely using ransomware as a service, holding their information hostage. Plus, this payout does not include the costs incurred from lost business in the downtime or the cost of recovering and re-establishing business-as-usual. Nor does it include the damage done to the company’s reputation.

According to Cybercrime Magazine, ransomware attacks are expected to cost businesses $20 billion in 2021, with ransomware attacks deployed every 11 seconds. An estimated 58% of the businesses that fall victim to ransomware attacks in 2021 are expected to pay the ransom, and that’s with no guarantee that they’ll actually get their data back.

Protect yourself from ransomware as a service

Although ransomware attacks are becoming more common, that doesn’t mean you have to fall victim. Get in touch with us today to find out how SiteLock can protect your online business by proactively enhancing your cybersecurity efforts.

Latest Articles
Follow SiteLock