Blog

Monetized ransomware, pt. 2: the cyber crime service industry

Nov 25, 2021

This is part two of a three part article on the emergence of cyberattacks and ransomware as a service industry. Part one can be found here.

 

 

Over the last ten years of cyber threat development, malicious actors began creating databases on the darkweb where the methods and necessary applications could be classified and organized. The creation of these databases has been followed by the birth of a service system where organizations provide tools of the cybercriminal trade to paying customers. This is called Ransomware-as-a-Service (RaaS).

 

Ransomware-as-a-Service has been successfully used by ‘subscribers’ to cause several major incidents. As of this writing, it is even conveniently available through different purchase models such as a one-time fee, a monthly subscription, or profit sharing. One particularly notorious example from 2021 is REvil, which was the lynchpin in many hard-hitting cyber attacks:

 

  • April 2021 saw an attack on Quanta Computer in which attackers attempted to extort $50 million USD with stolen designs belonging to Apple and Lenovo
  • In May 2021, the largest meat processing company in the world, JBS S.A., was forced to shut down some production lines and chose to fork over an $11 million payout to avoid stolen data being exposed online
  • In July of 2021, supply chain attacks based in Kaseya VSA (Virtual System Administrator) remote monitoring and management software caused downtime for over 1,000 companies

 

It’s important to note that it’s highly likely that less than half of cyber attacks make it into public knowledge, while the rest are resolved behind closed doors. It’s highly likely that the next wave of cyberattacks will focus on the weaponization of operational technology. Aggressive, persistent attackers are certainly willing to jeopardize human lives in the hope of a fast payout.

 

 

To learn more about how to create a cybersecurity baseline that protects operations from disruption by cyber attack, check out our white paper ‘Optimizing Network and Endpoint Resilience: Manufacturer Cybersecurity in the Era of Digital Transformation’.

TXOne image
TXOne Networks

Need Assistance with OT Security ?

Our team is here to assist with OT security challenges and provide guidance on implementing effective solutions.​