60% of Organizations Hit by Ransomware-as-a Service Attacks – Bestgamingpro | #malware | #ransomware | #education | #technology | #infosec

Ransomware-as-a-service attacks have grown more popular in the last 18 months, according to a new study from U.K.-based cybersecurity firm Sophos.

The hundreds of ransomware assaults studied by Sophos over that time period included nearly 60% by ransomware-as-a-service teams.

Botnet owners who are trying to protect their businesses by discovering vulnerabilities in the software, systems, and networks of other enterprises risk finding themselves up against sophisticated malware.

Over the previous two years, Sophos has noticed an increase in this sort of attack where malware developers rent out their code to attackers so they may perform the dirty work of hacking into a company’s network and keeping its systems or data hostage until a ransom is paid.

The most prevalent type of ransomware utilized during that period was Conti’s brand of ransomware-as-a-service, which the FBI said in May had attacked 16 medical and first responder networks.

The study states that some malware creators even create their own assault playbooks and distribute them to their affiliates. As a result, various attack organizations end up using very similar tactics.

The larger the size and scope of ransomware distribution methods become as a result of third-party affiliates outsourcing malicious code and infrastructure to specialized ransomware programmers, the more will specialist ransomware programmers be able to outsource malignant code and infrastructure to third-party affiliates.

It’s no longer enough for businesses to assume they’re secure by monitoring security solutions and making sure they detect malicious code.

To design effective cybersecurity defenses for their businesses in 2022 and beyond, IT staff must be aware of the development of ransomware, especially the growing ransomware-as-a-service trend.

The study was compiled by Sophos from a statistical analysis of hundreds of ransomware assaults and millions of malware samples examined by its threat researchers and response teams in the last 18 months.