The shift to the subscription economy has created a new norm in the as-a-service world. And it’s not just Netflix and Spotify that have adopted this business model.
Tenable, the Cyber Exposure company, has discovered that one of the main reasons ransomware has thrived is the introduction of ransomware-as-a-service (RaaS), which has catapulted ransomware from a fledgling threat to a force to be reckoned with. The service model has significantly reduced the barrier to entry, allowing ransomware to be commoditized by cybercriminals who lack technical skills.
Ransomware groups reportedly earned $692 million from their collective attacks in 2020 alone, a 380% increase over the previous six years ($144 million from 2013 to 2019). RaaS’s success has also attracted other players, such as affiliates and initial access brokers (IABs), who play important roles in the ransomware ecosystem, often more than ransomware groups themselves.
“Ransomware continues to impact businesses around the world, both in terms of ransom paid and cost of remediation, and the Middle East is not exempt. With sophisticated RaaS techniques being used, including double extortion, it is imperative that enterprises prepare themselves in advance, gaining insights and understanding that help them mitigate and remediate these attacks,” explains Satnam Narang, senior staff research engineer at Tenable.
The study discovered that the current dominance of ransomware is directly related to the emergence of a technique known as double extortion. The Maze ransomware group pioneered the tactic of stealing sensitive data from victims and threatening to publish these files on leak websites, while also encrypting the data so that the victim cannot access it.
Ransomware groups have recently added a variety of other extortion techniques to their arsenal, such as launching DDoS attacks and contacting victims’ customers, making it even more difficult for defenders. These are tactics used by ransomware gangs to put additional pressure on victim organizations.
According to a recent global survey conducted by Vanson Bourne, the total cost of remediation following a ransomware attack has risen in the United Arab Emirates (UAE) and Saudi Arabia. The total cost in the UAE increased from $0.52 million in 2020 to $1.26 million in 2021, while in Saudi Arabia it increased from $0.21 million to $0.65 million. Downtime, people’s hours, device and network costs, lost productivity and opportunities, and the ransom paid are all typical remediation costs.
“Enterprises cannot throw people and money into the situation and expect it to be a permanent fix. They need to align with the right partners, select the right technologies and build the right internal skills. These are wise investments with longer-term returns,” Satnam concludes.
