Blog

Is Ransomware-as-a-Service as Easy as Advertised?



In a recent exploration of Ransomware-as-a-Service, Sangfor introduced you to Dharma, a ransomware designed for the layman who can’t resist wreaking technological havoc, but doesn’t have the coding skills to follow through.

Yes, ransomware is a service now, and yes, it requires a knowledge of how to use computers and the internet - but how hard is it really, asked Drake Bennett in February 2020, when he decided he would put his journalistic skills to good use by personally testing the user-friendly aspect of ransomware-as-a-service. Bennett informs his "mark," a fellow researcher, that he will be sending over some ransomware in e-mail format (essentially spear phishing his friend) and to be on the lookout. He quickly chose a ransomware package costing $150 USD and off he went, navigating through headings like "Dashboard" and "Victims," where he muses that columns "would presumably propagate once I had multiple campaigns going." The “Builder” tab took him to a page where he typed in a few instructions like an e-mail address and the type of operating system he wanted to target - and his ransomware was ready for the attack. After a few false starts and a few hurdles, he managed to attack his friend with his off-the-rack ransomware. A journalist who had no hacking experience whatsoever. Frightening.

We all know about ransomware like REvil and WannaCry and all the pain they’ve caused, with ransomware even responsible for the death of human beings in recent months. But what further threat does Ransomware-as-a-service pose? First, ransomware developers are further distancing themselves from the attack surface, ensuring that they remain free, available, and ready to work on creating new malicious programs. Secondly, the cost for noob-hackers to attack networks decreases, making the process easier, quicker and more profitable.

All signs point to ransomware surpassing itself in coming years to be an extremely profitable scam that anyone can perpetrate with no effort whatsoever. The only defense against this type of attack is proactive and cohesive protection.

One solution many organizations have been exploring is better, faster and more agile network security using Sangfor’s APT/Ransomware Protection Solution with Sangfor’s Next Generation Firewall, or NGAF at its core.

Sangfor NGAF is the world's first AI-enabled and fully integrated Next Generation Firewall integrated and Web Application Firewall with an all-around protection from all threats, powered by innovations like Neural-X and Engine Zero. A truly secured, integrated and simplified firewall solution, it provides a holistic overview of the entire organizational security network, with ease of management for administration, operation & maintenance, making protection from ransomware of any kind, fast, simple and automated.

Sangfor NGAF integrates Sangfor Endpoint Secure, the future of endpoint protection. Working with NGAF, the Endpoint Secure Ransomware Honeypot and One-Click Kill for malicious files across the network, can respond to and mitigate ransomware encryption faster than any other solution available today.

Interested in learning more about Ransomware-as-a-Service (RaaS)? You should be! Join Sangfor expert Allen Lim, for an in-depth discussion on vulnerabilities, how security systems like NGAF and Endpoint Secure protect against Ransomware of all kinds, and best practices and tips for avoiding disaster and protecting your network from the inside out.

Click HERE to research or register for the October 13th, 2020 webinar, and learn how Hacking is Made Simple with Ransomware-as-a-Service (RaaS) and discover why your organization should care.



Why Sangfor?
Sangfor Technologies is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com to learn more about Sangfor’s Security solutions, and let Sangfor make your IT simpler, more secure and valuable.