Ransomware-as-a-Service is Organising, Becoming More Devastating and Costly

25/05/2021 10:02 - By Bill
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Take a look at the complex relationships that exist today between the ransomware gangs and the various services they utilise, and you quickly realise this is a very organised and effective business.              


Ransomware has quickly grown into a robust ecosystem of players, vendors, suppliers and service providers all working in the interest of taking your organisation for as much money as is humanly possible.


According to cryptocurrency and blockchain data provider Chainalysis in their Ransomware 2021: Critical Mid-year Update Report, it shed some light on exactly why. In 2020, the total amount paid by ransomware victims rose 311% from the previous year.

Source: chainanalysis.com

Like reputable online services, both ransomware and the supporting services they require are offered in tiers of services to meet the needs of the “customer”. Take the example below showing the various packages offered for use of ransomware software:

Source: Kaspersky

The amount of ransomware funds going to these third-party “providers” has also increased significantly in the last 4 quarters (right side of the chart below), demonstrating the increase in observed value in outsourcing some part of the ransomware attack to a specialty third-party, and further expanding the “as a service” definition.

Source: chainanalysis.com

What this means to organisations like yours is the bad guys are working more closely than ever before and are finding more profitable ways to extract money from their victims. So, it’s critical that attacks stop before they do any damage. With phishing remaining a top initial attack vector, having users undergo continual Security Awareness Training will help to minimise the likelihood they will fall for social engineering tactics and engage with malicious email content that act as the launch point for today’s ransomware attacks.

Get Your Ransomware Hostage Rescue Manual

This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
      1. What is Ransomware?
      2. Am I Infected?
      3. I’m Infected, Now What?
      4. Protecting Yourself in the Future
      5. Resources


Don’t be taken hostage by ransomware. Download your rescue manual now! 

Bill