October 13


Ransomware-as-a-Service (RaaS): The New Business Model for Ransomware Developers

Ransomware started as a threat to the consumer but has evolved and is targeting small and large businesses.

Ransomeware is a type of malware that encrypts files or entire file systems on PCs and servers, making them unusable to the business. It holds them hostage until the company pays a ransom; otherwise, their data is exposed.

As Ransomware becomes popular and demand increased, cybercriminal organizations have found the perfect way to supply this demand and increase their profit. Ransomware-as-a-Service (RaaS) appears as a new twist to the typical Ransomware and is sold freely in the Dark web.

How does RaaS work?  

RaaS services are displayed via banners Ads, and forums on the dark web, making it easy for an unskilled cybercriminal to find them. RaaS has a different business model; some work under a subscription fee, or the most popular commission-base. The latter is the most used by criminals since an initial investment isn't needed.

The following are some examples of RaaS that have made news in recent years:

  • Satan RaaS Platform:  It's available on the dark web and works under commission-based profit. 
  • Petya:  It was used for a global cyberattack, primarily targeting Ukraine. It also works under commission-based profit.
  • Cerber:  It also worked as commission-based and was one of the most active ransomware strains. Nowadays, antiviruses are able to detect this malware.

How to protect your business against RaaS?

The defense against RaaS is not different than the typical Ransomware. Below are some good practices to apply to maintain a healthy and secure system.

  • Train users on the latest fishing attacks, especially those coming on email.
  • Backup files regularly and frequently.
  • Keep up-to-day the system and software. 
  • Disable remote desktop connection when possible

About Allari

Allari implements customized service plans for IT Operations & Cyber-security which allow you to complete a higher volume of planned work, gain the capacity to innovate and help your business to win.

Subscribe to the best newsletter there is.

You won't regret it!


Cybersecurity, Malware, RaaS, Ransomware, Ransomware as a service

About the author

Gabriela Granda

I am a Systems Engineer specialized in security and networking. I'm interested in defensive security and forensics.

You may also like

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}