top of page

The Rise of Ransomware-as-a-Service

Updated: Feb 7

by Foluwa T. Rewane, Founder, CEO, & vCISO, Iron Defence Security Corporation

Businesses worldwide are increasingly becoming more digitized, and the growing adoption of these online models also exposes them to a world of new cybersecurity threats. Ransomware attacks are some of the most destructive methods cybercriminals use to wreak havoc for material gain. 2021 saw a surge of ransomware attacks on businesses of all sizes, from oil pipeline companies to global technology organizations.

The average cost of a ransomware attack is far more than the ransom itself. Sophos’ annual State of Ransomware Report indicates that the average cost of remediating a ransomware attack is 10 times the cost of paying the ransom.

Why is there a rise in ransomware attacks, and who is behind it all? Ransomware-as-a-Service is also a term floating around these days, and it might offer an explanation for why all this is happening.

What Is Ransomware?

Ransomware is a kind of malware that cybercriminals use to encrypt all the data on infected devices, like computers or entire servers. The malpractitioners often export the sensitive data they have gained access to and hold it all a ‘hostage’ in exchange for ransom.

Once ransomware is successfully installed and implemented and the data is held hostage, the cybercriminals demand an amount in exchange for a method to decrypt the data. Otherwise, the hackers may continue preventing your access to the data. There are situations where they may release or sell sensitive data on the deep web.

What Is Ransomware-As-A-Service?

Ransomware-as-a-Service, or RaaS, is a business model akin to what you would expect the name to suggest. It is a practice in which ransomware providers are paid by their affiliates to launch targetted ransomware attacks. Think of it like a Software-as-a-Service (SaaS) business model that has been tweaked for ransomware.

Malpractitioners who lack the technical skill to develop ransomware themselves now have an affordable method to deploy ransomware attacks by hiring those who are already good at it. The dark web is full of RaaS kit providers.

There are a few common RaaS business models. The first is a monthly subscription or a flat-fee model, depending on the requirements of the entity that wants to deploy a ransomware attack. The second is an affiliate program where there may be a monthly subscription fee, but it involves sharing a percentage of the profits (ransom amount) with the developer. The third involves a one-time licensing fee for the developer without any profit sharing.

The RaaS market is thriving and competitive, making it easier for cybercriminals without skills or the time to develop ransomware to access this destructive cyber threat tool easily.

Preventing RaaS Attacks

The cost of suffering from a ransomware attack extends beyond the ransom alone. The lost trust in a business due to compromised security, loss of business, and the high cost of remediation can be crippling. Preventing ransomware attacks is better than dealing with facing one itself.

At Iron Defence Security, we can audit the current state of your organization’s network and the security protocols in place. We can identify any weaknesses and provide robust cybersecurity solutions to help you curb the rising threat from RaaS operators. Call us to book a consultation if you want us to work with you to assess your requirements and provide you with the cybersecurity framework to protect your business.


Foluwa T. Rewane is a whitehat cybersecurity consultant and CEO of Iron Defence Security Corporation, a Toronto, Canadian-based security firm specializing in cybersecurity solutions for small and mid-sized businesses. When Foluwa is not battling attackers and cyberattacks, you can find him spending quality time with his wife and three kids. You can reach Foluwa via Twitter, at his handle @FoluwaTRewane.

51 views0 comments

Bình luận

bottom of page