What is Ransomware as a Service (RaaS)?

Updated at: Nov 10, 2020
By Gatefy

Skull to represent Ransomware as a Service (RaaS).

Ransomware is one of the most sophisticated digital threats. Ransomware is a type of malware that has the ability to encrypt and hijack data and systems, requiring a ransom payment to release them. This type of threat is usually transmitted via malicious websites and emails, such as phishing.

For almost 30 years, different types of ransomware have terrified companies and people, making headlines. In recent years, ransomware attacks have caused billions of dollars in damage.

No doubt, ransomware is one of hackers' favorite weapons, as it’s a super-effective tool in providing a quick and simple income.

For a while, cybersecurity reports have pointed out to an increase in the number of cases involving this type of malware. One of the possible explanations for this is precisely Ransomware as a Service (RaaS).

What is RaaS ransomware?

RaaS (Ransomware as a Service) is a marketing model that has contributed to the increasing spread and delivery of ransomware threats. The scheme works almost always on the dark web.

RaaS is also known as a ransomware kit.

RaaS works as follows: the hacker creates a ransomware and "resells" it to people interested in using it, usually by charging a monthly fee or receiving a part of the profit obtained from the scams.

In general, the creators of a ransomware keep 20% to 50% of the profit obtained with the scheme.

In other words, Ransomware as a Service is a business model that allows the threat creator and the buyer to make money even faster.

The buyer doesn't need to configure anything. He pays for a complete package and may even receive guidance on how to be more successful using the ransomware.

The biggest problem with this type of strategy is that it facilitates access to technology with high technical knowledge. In practice, a hacker without great technical skills may have super-advanced ransomware at his disposal.

Examples of ransomware kit or RaaS

1. Stampado

Stampado ransomware offers one of the best cost-benefits for criminals. For around USD 40, it’s possible to purchase a lifetime license. The goal of this threat's creators is to serve the general public. But, of course, it’s not a super advanced ransomware.

2. Shark

Shark ransomware is marketed as follows: the creators keep 20% of the profit obtained from the attacks. Shark was also designed to serve criminals who don't have much experience with ransomware, as it can be customized quickly and simply, without requiring great technical knowledge.

3. Philadelphia

Philadelphia ransomware is one of the most famous. It became known after SophosLabs' threat researcher Dorka Palotay published a report on it. Philadelphia has a one-time fee of around USD 400, which is justified by its creators due to constant updates and usability differences.

4. Satan

The creators of Satan ransomware keep 30% of the money obtained from the scams. The platform used to commercialize the ransomware is advanced, offering customers options for tracking transactions and creating their own versions of Satan.

No More Ransom (NMR)

If you're infected with ransomware, you can try the No More Ransom initiative. NMR is a global project that assists victims of ransomware attacks to recover encrypted information without having to pay the ransom amount.

Gatefy is a No More Ransom partner company.

With the help of NMR, it's possible to decrypt more than 100 different types of ransomware. For more information, visit nomoreransom.org.

In addition, if you're a victim of a ransomware attack, it's recommended that you contact your local authorities, who can probably assist you as well.

How to protect your business from Ransomware as a Service

The huge problem with ransomware attacks is that a simple attack can paralyze the operations of an entire business, causing big losses.

Besides that, there is no guarantee that data and systems will be released after the required amount is paid. This is one of the reasons that reinforce the recommendation: don’t pay the ransom fee.

But much better than having to deal with a ransomware attack is to prevent it. Check out our protection tips.

• Backup

Keep your backups up to date and ensure they are up and running.

• Updates

Prevent hackers and ransomware from exploiting vulnerabilities in your systems by keeping them up to date.

• Email protection

Email is the main gateway for threats, including ransomware. So, invest in email security. Check out Gatefy secure email gateway solution to learn more.

• Endpoint protection

In addition to an email protection solution, invest in an endpoint solution to ensure you’re protecting different gaps.

• User training

Teaching your team to recognize scams and cyber attacks is critical to prevent data breaches and ransomware infections.