In the annual report of OpenTextcalled Nastiest Malware, the situation of cyber threats and their evolution over the last year was analysed. From this account it became clear how the attacks ransomware-as-a-service (RaaS), are a rapidly growing threat.
In the context of the last twelve months, the attack that recorded the most sensational numbers was the campaign he saw MOVEit as a victim, with 56 million people affected and a global damage of almost 11 billion dollars.
The group was responsible for this action Cl0p with its RaaS platform, with victims with high-sounding names such as Shell, BBC and the US Department of Energy. As is easy to understand, however, the scene also saw other collectives who, through their illegal actions, caught the attention of security experts.
Let’s talk, for example, about Black Cat. The group, presumed successor to REvilappeared on the scene in 2021 and built its own RaaS platform by basing the deployment strategy on the programming language Rust. Black Cat’s most sensational attack involved MGM Casino Resorts.
From Cl0p to Akira: the RaaS phenomenon is characterizing this 2023
Another name that OpenText paid attention to is that of Black Enough. Group that derives from Contistood out for his intense activity in the industrial sectors.
It is no less Akira, which mainly targets small and medium-sized businesses. The ransomware proposed by this collective has impressed professionals due to its ease of infection and speed of operations. The most famous attack attributed to Akira is the one involving the products VPN Cisco.
Second Muhi Majzoubexecutive vice president and chief product officer of OpenText “A key finding this year is that the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are the main factors contributing to the success of RaaS along with the ability to easily evade authorities“.
But there is also a positive side: Majzoub himself also observed that today only 29% of companies give in to ransom demands. This, combined with greater awareness of the risks (and adequate investments for the company’s defense), nevertheless represent a positive reaction to cyber threats.
