Ransomware-as-a-Service RaaS is the New Normal

Business models always have to tackle the method of distribution, will they sell directly or through a channel of distributors or a mix of both. The same is with ransomware developers. Many are electing to take their successful code and sell it as a kit, which eliminates many risks and the hard work of distribution all the while collecting a cut of the prize.

Throughout the past year, and even until the large-scale WannaCry attacks, floating between the peaks of the infamous events are small focused attacks en masse from rebranded exploit kits. In the past quarter, we have discovered a mix of developer hobby/chaos-malware, rebranded ransomware, and repackaged RaaS ransomware.

• Trumplocker
• AlmaLocker
• Jigsaw
• Lambda
• Derialock
• Shade
• Popcorn

Recently, one author showed how easy it is to launch a ransomware attack within an hour… with zero hacking skills. So what does this mean to an organization like yours? Should this scare you? Simply put, attacks from more sources equals more attacks but SonicWall has your back.

First off, organizations can have the front-line protection of our award-winning multi-engine network sandbox, SonicWall Capture Advanced Threat Protection (ATP) Service. Capture ATP automatically takes suspicious code at the gateway of your network, and runs it in three parallel engines (and counting) to see what it wants to do from the application, to the OS, to the software that resides on the hardware. We find the newest ransomware families and updates this way.

Secondly, our Capture Labs research team catches many new variants of ransomware and malware in multiple ways as well as from a multitude of external sources. Once new ransomware families are found (either from Capture ATP, a honeypot, or another Capture Labs source), the intelligence is cross-pollinated to the rest of the SonicWall portfolio of security products.

Lastly, organizations can expect to be hit by a wide range of ransomware attacks and should ensure they have a good backup policy and focus on awareness training.

To learn more, watch this video to see how SonicWall stops ransomware:

Brook Chelmo

Sr Product Marketing Manager | SonicWall

Brook handles all product marketing responsibilities for SonicWall security services and serves as SonicWall’s ransomware tsar. Fascinated in the growth of consumer internet, Brook dabbled in grey-hat hacking in the mid to late 90’s while also working and volunteering in many non-profit organizations. After spending the better part of a decade adventuring and supporting organizations around the globe, he ventured into the evolving world of storage and security. He serves humanity by teaching security best practices, promoting and developing technology.