The number of organizations affected by ransomware has jumped 102% compared to the beginning of 2020, according to a research note published last month by IT security firm Check Point, which added that the number of organizations affected by ransomware globally has more than doubled in the first half of 2021 compared to 2020.
According to the note, the healthcare and utility sectors have been the most targeted sectors since the beginning of April 2021.
Driving this surge is the Ransomware-as-a-Service (RaaS) model. Criminals favor RaaS because it leverages a partner program to launch cyberattacks, serving to shield the real actors behind the attacks, said Check Point.
DarkSide, the group behind the Colonial Pipeline attack, had been the leading light in RaaS. And other groups have followed its lead.
Many have now set up help desks, technical support, payroll processing and subcontractors. They are basically full-fledged criminal enterprises operating in the digital world, Amit Yoran, CEO of Tenable, a cybersecurity firm, told FOX Business.
They are essentially digital corporations operating in the full-fledged criminal world, Yoran said.
For a customer, it can be as simple as logging into the RaaS portal, creating an account, paying with Bitcoin, specifying the kind of malware they want and hitting the submit button, cybersecurity firm CrowdStrike explains in its primer on RaaS.
A RaaS kit can also include 24-hour support, bundled offers, user reviews, forums and other features identical to those offered by legitimate Software-as-a-Service providers, CrowdStrike says.
The price of RaaS kits ranges from $40 per month to several thousand dollars. Those are trivial amounts, considering the average ransom demand in Q3 2020 was $234,000, the primer says.
And the subscription-based model is effective, simple to execute, and promises profit, according to the Palo Alto Networks Unit 42 Ransomware Threat Report 2021.
The major profits are the biggest draw, as shown by recent high-profile ransomware attacks.
JBS USA paid an $11 million ransom to cybercriminals who temporarily damaged plants that process roughly one-fifth of the nation's meat supply. And Colonial Pipeline paid hackers close to $5 million in ransom money.
According to CrowdStrike, there are four common subscription models for RaaS in the United States:
RaaS affiliate programs, where a percentage of the profits goes to the host RaaS operator.
The total amount paid by ransomware victims increased to reach nearly $350 million in 2020, according to the Chainalysis 2021 Crypto Crime Report.
According to Chainalysis, no other category of crypto-based crime had a higher growth rate.