Cybercriminals are increasingly using ransomware-as-a-service (RaaS) to access organisations’ data, according to Microsoft’s second Cyber Signals report, which highlights security trends and insights from its 43 trillion security signals and 8,500 security experts.
To execute an attack via RaaS, criminals purchase or rent ransomware from a developer so they can deploy it against specific targets, often vulnerable organisations with exposed credentials or existing malware footholds in their network.
“The impact of RaaS dramatically lowers the barrier to entry for attackers, obfuscating those behind initial access brokering, infrastructure, and ransoming,” said the Microsoft Security team in a blog post. “Because RaaS actors sell their expertise to anyone willing to pay, budding cybercriminals without the technical prowess required to use back doors or invent their own tools can simply access a victim by using ready-made penetration testing and system administrator applications to perform attacks.”
Microsoft recommends basic defences like multifactor authentication to combat ransomware infiltration routes before the malware deployment stage.
Read more about the new Cyber Signals report and ransomware defence.