RaaS (Ransomware-as-a-Service) – a business model in cybercrime where ransomware developers provide their tools to external malicious actors as a subscription service or through a revenue-sharing model. RaaS turns a complex cyberattack into a service that is accessible even to technically unskilled malicious actors.
Principle of Operation
RaaS operates similarly to legitimate SaaS (Software-as-a-Service) solutions. The developers:
- Create malicious software for data encryption;
- Provide access to infrastructure for conducting attacks;
- Provide technical tools for receiving ransom (often in cryptocurrency);
- Offer support to their “clients”;
- Receive a percentage of the ransom amount.
RaaS significantly expands the scale of ransomware activity, increasing the number of attacks and making them more accessible. This model presents a serious problem for organizations of any size. To protect against attacks, organizations need to implement comprehensive cybersecurity strategies, including regular backups, employee training, network segmentation, and the use of modern protection tools.