A growing Ransomware-as-a-Service model uses affiliate attackers with proven track records to spread the malware, offering a percentage of the ransom.
The business of ransomware and other types of malware has many types of players. Some organizations handle the entire ransomware attack, from build to phish to infection. Others only want to build the malware, some just want to provide phishing services, and still others are only interested in executing the actual attack.
In today’s world of cyberattacks, there’s something for everyone.
One of the distribution models for ransomware that is gaining popularity is the use of an affiliate network of attackers. The creators of the latest iteration of this model, FilesLocker, are looking for affiliate organizations and individuals with proven track records of distributing ransomware via phishing, social engineering, or other methods, specifying that affiliates must meet an infection minimum of 10 per day. Affiliates can expect anywhere from 60-75% of the ransoms generated through their actions.
Opportunities like this are sought after by attackers who have the art of phishing down to a science. With an ability to email millions of recipients, along with an understanding of how to craft an email message that will get the recipient to click a link, these kinds of attackers love that someone else is responsible for the ransomware part of the attack.
This kind of attack means more potentially malicious emails coming into your organization. The bad news is attackers are sufficiently motivated to want to infect as many of your users as possible, to rake in the greatest amount of money possible. The good news is it still takes a user to turn this ransomware “dream” into a reality – without the user clicking on the attachment or malicious link, the attack is dead.
Organizations should look to Security Awareness Training to teach users what phishing emails look like, the tactics they use, and how to maintain a generally heightened sense of security when interacting with email and the web. By enrolling users continually in Security Awareness Training, organizations reduce the risk of falling victim to phishing scams and social engineering tactics on the web, improving the organization's security.