Analysis by threat intelligence group Analyst1 recently uncovered that the bad guys are responsible for forming a ransomware cartel.
The analysis explains how a ransomware cartel works, in which several cybercriminal gangs band together on ransom operations. These gangs share resources, tactics, and profits made. This cartel is made for two big reasons - more reach and more revenue.
Below is a breakdown of how this cartel has formed:
Analyst1 said in a statement, "The first tie we found provided evidence that the groups are working together and sharing resources to extort victims. Several gangs compromised and stole victim data, which they passed on to Twisted Spider. Twisted Spider then posted the victim’s data and attempted to negotiate a ransom on their data leak site. This type of collaboration and sharing would not occur unless all three criminal elements had a trusted relationship with one another".
One of the key findings that is worth mentioning based on the analysis is the use of Ransomware-as-a-Service, which hires cybercriminals to execute the attack for you at a discounted price. Cartels are also continuing to increase their ransom demands, automating their attacks, and reinvesting profits made from successful attacks to enhance their tactics. Unfortunately, it is only getting more and more easier for these ransomware gangs to infiltrate your organization.
It is more important now than ever to ensure your team is implementing layered solutions for the best possible protection. New-school security awareness training is the most effective step to take, because it's most helpful for your users to know what to look out for on any possible infection.