Security Intelligence -
Ransomware Attackers Have ‘Industry Standards’ Too
Ransomware attackers are creating ‘industry standards’ and using them to define an ideal target for their campaigns.
The Ideal Target: Location, Revenue and Other Criteria
In July 2021, KELA discovered 48 discussion threads on dark web marketplaces. There, users claimed to be digital attackers looking to buy access into networks. The intelligence solutions provider found that actors connected with Ransomware-as-a-Service (RaaS) schemes, including operators, affiliates and middlemen, had created nearly two-fifths of the threads. From those discussion threads, KELA determined that ransomware actors look for certain criteria when looking to purchase accesses.
These factors include the following:
Geography: Nearly half (47%) of the ransomware actors mentioned the United States as the desired location of their victims. Next on the list were Canada, Australia and European countries at 37%, 37% and 31%, each. Revenue: On average, ransomware attackers wanted their victims to be making a minimum of $100 million, though they sometimes specified different ransom amounts for different locations. Attackers said they wanted over $5 million for U.S. victims, for instance, while they specified a desired revenue of at least $40 million from “the