News & Insights
The rise of Ransomware-as-a-Service (RaaS)
According to the latest Threat Report from Sophos, 2022 is set to be the year of Ransomware-as-a-Service (RaaS). Whilst Ransomware is not a new form of attack, Sophos describe in their report how it is growing and becoming a key method of attack.
This method is one of the most damaging and costly attack methods affecting businesses across the world.
To give you some perspective, in 2020-2021 79% of the attacks the Sophos Rapid Response team responded to were Ransomware attacks.
The Sophos rapid response team have described a growth in ransomware as well as a contemporary model which is likely to persist and expand over the coming years.
Historically, threat actors have created bespoke ransomware to target specific organisations. What Sophos are now seeing, is that there are two groups involved in these attacks. The first group is a specialist in creating bespoke ransomware, the second group specialise in accessing the organisation to attack.
This RaaS model allows bespoke ransomware being made available to threat actors on a subscription type model.
During 2020-2021 Sophos encountered atleast 43 Ransomware ‘Families’. The biggest being Conti (16%), REvil (15%), Ryuk (9%), Ragnarok/LockBit (4%), Maze/Darkside/Black Kingdom (3%)
Luckily, the report further details that in 2021, an affiliate of the Conti RaaS service, released a treasure trove of information, designed to instruct affiliates on the steps required to implement ransomware attacks.
This information has benefitted companies such as Sophos as it has enabled them to analyse the contents to further define behavioural analysis and detection rules creating a stronger platform to protect your business.
If you’re concerned about any malicious activity within your organisation or would like to discuss how you can enhance your protection against Cyber Threats, get in touch with the team today: hello@fourtify.co.uk.
Categories
- Consultancy
- The Importance of an Incident Response Plan for Small and Medium Businesses
- What is Malware?
- Is Vulnerability Scanning important to your business?
- Cyber Essentials for Accountancy Sector
- IASME Cyber Baseline FAQs
- Cyber Essentials for Small Businesses
- Funded Cyber Essentials Programme
- Cyber Essentials – Grace Period for Technical Controls
- IASME and British Chamber of Commerce: Chamber Cyber Essentials Partnership
- Cyber Assurance Level 1 & Level 2 Certification: FAQs
- The IASME Cyber Assurance Standard
- Fourtify’s Cyber Security FAQ’s
- E-mail Security
- The rise of Ransomware-as-a-Service (RaaS)
- Cyber Essentials & Cyber Essentials Plus
- Cyber Awareness
- The Importance of an Incident Response Plan for Small and Medium Businesses
- Whats your Cyber Secure Score?
- Fourtify achieve Certification Body status for Cyber Essentials Plus
- Is Vulnerability Scanning important to your business?
- Cyber Essentials / IASME Cyber Assurance: Price Increase from April 2nd 2024
- Sophos Intercept X achieves ‘AAA’ Protection
- Cyber Essentials FAQs
- What is the difference between Phishing and Blagging?
- Diminish Cyber Threats with Sophos Intercept X
- Cyber Assurance Level 1 & Level 2 Certification: FAQs
- The IASME Cyber Assurance Standard
- Fourtify’s Cyber Security FAQ’s
- E-mail Security
- The rise of Ransomware-as-a-Service (RaaS)
- Cyber Essentials 3.0 will be launching in January 2022
- Stay Safe Online this Christmas.
- Cyber Essentials & Cyber Essentials Plus
- Cyber Essentials
- Whats your Cyber Secure Score?
- Fourtify achieve Certification Body status for Cyber Essentials Plus
- What is Malware?
- Cyber Essentials for Accountancy Sector
- Cyber Essentials / IASME Cyber Assurance: Price Increase from April 2nd 2024
- Lexcel and Cyber Essentials: Strengthening Your Legal Practice’s Security.
- Cyber Essentials Montpellier (3.1)
- Cyber Security for Charities
- Cyber Essentials for Small Businesses
- Funded Cyber Essentials Programme
- Cyber Essentials – Grace Period for Technical Controls
- Cyber Essentials FAQs
- IASME and British Chamber of Commerce: Chamber Cyber Essentials Partnership
- What is the difference between Phishing and Blagging?
- Diminish Cyber Threats with Sophos Intercept X
- The IASME Cyber Assurance Standard
- Fourtify’s Cyber Security FAQ’s
- Update to Fees for Cyber Essentials Certification
- Cyber Essentials 3.0 will be launching in January 2022
- Cyber Essentials & Cyber Essentials Plus
- IASME Cyber Assurance
- Cyber Essentials / IASME Cyber Assurance: Price Increase from April 2nd 2024
- IASME Cyber Assurance & Privacy Commissioner, Bermuda.
- Cyber Security for Charities
- What is the difference between Phishing and Blagging?
- Diminish Cyber Threats with Sophos Intercept X
- Cyber Assurance Level 1 & Level 2 Certification: FAQs
- The IASME Cyber Assurance Standard
- IASME Cyber Baseline
- Remote Working