Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found.
The ransomware business is booming, and feeble corporate security and a flourishing ransomware-as-a-service (RaaS) affiliate market are to blame, researchers say.
Access to compromised networks is cheap, thanks to a rise in the number of initial-access brokers and RaaS tools can turn everyday petty crooks into full-blown cybercriminals in an afternoon, for just a few bucks.
That’s according to findings from Group-IB’s Hi-Tech Crime Trends Report 2021/2022, which unpacks the startling numbers behind what the report calls an “unholy alliance” between ransomware operators and corporate-access brokers — which analysts said has fueled a 935 percent spike in the number of organizations which had their stolen data exposed on a data leak site (DLS).
Ransomware groups have increasingly used the tactic called double extortion, where they not only steal a company’s data, but threaten to publish it to ratchet up the pressure to pay a ransom. The report proves these groups are following through on the threats.
RaaS, Initial-Access Brokerage Spike
Over the past year, Group-IB identified the number of active initial-access brokers jumped from 85 to 229 and the sheer number