Ransomware world in 2021: who, how and why

As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in the security community. And not without good reason. The threat may have been around a long time, but it’s changed. Year after year, the attackers have grown bolder, methodologies have been refined and, of course, systems have been breached. Yet, much of the media attention ransomware gets is focused on chronicling which companies fall prey to it. In this report, we take a step back from the day-to-day ransomware news cycle and follow the ripples back into the heart of the ecosystem to understand how it is organized.


First, we will debunk three preconceived ideas that obstruct proper thinking on the ransomware threat. Next, we dive deep into the darknet to demonstrate how cybercriminals interact with each other and the types of services they provide. And finally, we conclude with a look at two high-profile ransomware brands: REvil and Babuk.


No matter how much work we put into writing this report, before you start reading, make sure your data is backed up safely!


Part I: Three preconceived ideas about ransomware


Idea #1: Ransomware gangs are gangs


Along with the rise of big-game hunting in 2020, we saw the emergence of a number of high-profile groups in the ransomware world. Criminals discovered victims would be more likely to pay ransoms if they could establish some form of reputability beforehand. To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims.


But by placing themselves under the spotlight, such groups hide the actual complexity of t ..
