Ransomware isn’t a new threat to the cyber world. Its origins go back many years now. Over time, this threat has become only more vicious and harmful.

While people were trying to deal with this cyber threat, cybercriminals moved one step further by offering ransomware-as-a-service (RaaS). Under this service, cybercriminals provide a compact malicious kit capable of launching a ransomware attack.

In this article, we discuss RaaS and how you can protect your system against this threat.

What is ransomware?

Ransomware is a form of malware where cybercriminals attack your system with malicious code. Their intent is to lock you out of your system and encrypt your important and sensitive data. Further, they demand ransom from you before they provide a decryption key for your locked system and encrypted data.

The problem with their modus-operandi is that they do not necessarily provide you with the decryption key even after you pay them the ransom. Thus, we highly suggest you do not pay ransom; under the best of circumstances, it will help fund more activity of the ransomware threat.

What is Ransomware-as-a-Service (RaaS)?

Ransomware-as-a-Service (RaaS) borrows from the Software-as-a-Service (SaaS) model. This subscription-based malicious model enables even the novice cybercriminal to launch ransomware attacks without much difficulty. You can find various RaaS packages in the market that reduce the need to code malware. As such, it is commonly used by cybercriminals who don’t have much technical knowledge of how to create ransomware. This malicious model allows anyone to become an “affiliate” of an established RaaS package or service.

How does it work?

Under this malicious franchise-like deployment model, cybercriminals write ransomware code and sell/rent it under an affiliate program to other cybercriminals who have the intent to launch an attack. They provide technical know-how and step-by-step information on how to launch (Read more...)