Microsoft: The ransomware world is changing, here's what you need to know

Microsoft has shone a spotlight on ransomware-as-a-service (RaaS), a style of criminal enterprise that relies on gig workers and is structured around profit-sharing to reduce risk borne by a single actor. 

Microsoft security teams are tracking more than 35 unique ransomware families and 250 threat actors across nation-state, ransomware and criminal activities. RaaS, it says, is a gig economy involving multiple actors around three key pillars.

“In the same way our traditional economy has shifted toward gig workers for efficiency, criminals are learning that there’s less work and less risk involved by renting or selling their tools for a portion of the profits than performing the attacks themselves,” Microsoft Security says in a blogpost

“This industrialization of the cybercrime economy has made it easier for attackers to use ready-made penetration testing and other tools to perform their attacks,” it said.

RaaS has forced Microsoft to look at attacks differently. It’s not one actor, but many, meaning that identifying the ransomware family itself doesn’t give defenders the full picture of threats on the network. 

Stealing data from a target, for example, may be carried out by one group for double extortion, but another group is responsible for

Read More: