Brook Chelmo

Ransomware-as-a-Service RaaS is the New Normal

/3 Comments/in /by

Business models always have to tackle the method of distribution, will they sell directly or through a channel of distributors or a mix of both. The same is with ransomware developers. Many are electing to take their successful code and sell it as a kit, which eliminates many risks and the hard work of distribution all the while collecting a cut of the prize.

Throughout the past year, and even until the large-scale WannaCry attacks, floating between the peaks of the infamous events are small focused attacks en masse from rebranded exploit kits. In the past quarter, we have discovered a mix of developer hobby/chaos-malware, rebranded ransomware, and repackaged RaaS ransomware.

  • Trumplocker
  • AlmaLocker
  • Jigsaw
  • Lambda
  • Derialock
  • Shade
  • Popcorn

Recently, one author showed how easy it is to launch a ransomware attack within an hour… with zero hacking skills. So what does this mean to an organization like yours? Should this scare you? Simply put, attacks from more sources equals more attacks but SonicWall has your back.

First off, organizations can have the front-line protection of our award-winning multi-engine network sandbox, SonicWall Capture Advanced Threat Protection (ATP) Service. Capture ATP automatically takes suspicious code at the gateway of your network, and runs it in three parallel engines (and counting) to see what it wants to do from the application, to the OS, to the software that resides on the hardware. We find the newest ransomware families and updates this way.

Secondly, our Capture Labs research team catches many new variants of ransomware and malware in multiple ways as well as from a multitude of external sources. Once new ransomware families are found (either from Capture ATP, a honeypot, or another Capture Labs source), the intelligence is cross-pollinated to the rest of the SonicWall portfolio of security products.

Lastly, organizations can expect to be hit by a wide range of ransomware attacks and should ensure they have a good backup policy and focus on awareness training.

To learn more, watch this video to see how SonicWall stops ransomware:

Brook Chelmo on Twitter
Brook Chelmo
Sr Product Marketing Manager | SonicWall
Brook handles all product marketing responsibilities for SonicWall security services and serves as SonicWall’s ransomware tsar. Fascinated in the growth of consumer internet, Brook dabbled in grey-hat hacking in the mid to late 90’s while also working and volunteering in many non-profit organizations. After spending the better part of a decade adventuring and supporting organizations around the globe, he ventured into the evolving world of storage and security. He serves humanity by teaching security best practices, promoting and developing technology.
Recommended Cyber Security Stories
RSA Conference 2018: Live on Facebook
Why Digital Currencies Like Bitcoin Should Be on Your (security) Radar
What’s Your E-rate Plan? Three Things to Consider
Increase Your Network Security and Control Through Segmentation
Seven Layers of Protection from Hacked Websites
8 Cyber Security Predictions for 2018
Cyber Security News & Trends
Avoid Making a Costly Network Security Shortlist Decision
3 replies

Trackbacks & Pingbacks

  1. Ransomware as a Service (RaaS) with Paradise Ransomware Attacks says:
    August 29, 2018 at 2:33 am

    […] the Paradise Ransomware gets executed, it first relaunches itself to acquire administrative privileges. With these […]

  2. Now, Ransomware as a Service (RaaS) with Paradise Ransomware says:
    August 28, 2018 at 10:02 pm

    […] the Paradise Ransomware gets executed, it first relaunches itself to acquire administrative privileges. With these […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply