OpenText Cybersecurity Exposes Ransomware-as-a-Service (RaaS) as 2023’s Prime Threat
WATERLOO, ON, Oct. 25, 2023 – OpenText, a trailblazer in threat intelligence, has dropped its awaited annual list pinpointing the year’s most daunting malware threats. A consistent theme this 2023? The rise and dominance of Ransomware-as-a-Service (RaaS) as the cybercriminals’ preferred tool of devastation.
The Advent of the RaaS Business Paradigm
A disturbing revelation from this year’s data is the rapid emergence of ransomware factions such as Cl0p, Black Cat, Akira, and Royal, signaling the next-gen evolution of prior dominant players. Cl0p, in particular, has taken the nefarious spotlight with its aggressive MOVEit campaign. This effort has driven the average ransom payments to daunting heights, nearing an astounding three-quarters of a million dollars.
Muhi Majzoub, EVP and Chief Product Officer at OpenText, commented on the findings, stating:
“The RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities.”
Yet, not all is bleak. A heartening aspect emerging from the research indicates that a mere 29% of businesses are succumbing to ransom demands, which is an all-time low. This statistic underscores the significant security strides businesses are making to fend off such threats.
The Resilience & Reinvention of Modern Cybercriminals
Modern cybercriminals are evolving. Their adaptability is evident in their capacity to reinvent themselves continually. They return stronger, often under fresh identities, persistently seeking innovative methods to breach their targets.
Detailed Malware Insights for 2023:
- Cl0p: Gained notoriety after a series of attacks on significant entities, including Shell and BBC, leveraging a vulnerability in the MOVEit Transfer file software.
- Black Cat: Featured in our [2021 Nastiest Malware report](internal link to the 2021 report), it’s postulated as the successor to the infamous REvil ransomware group.
- Akira: Specifically targets SMEs and recently compromised Cisco VPN products to infiltrate networks.
- Royal: Potentially the next iteration of Ryuk, it harnesses Whitehat penetration testing tools to gain extensive network control.
- Lockbit 3.0: Despite being a recurring name, its third version poses more significant challenges, being far advanced and elusive.
- Black Basta: A RaaS heavyweight, also linked to the Conti ransomware group, known for its indiscriminate targeting approach.
To immerse more into the insights of this year, consider joining OpenText Cybersecurity’s forthcoming [Nastiest Malware Webinar](internal link to webinar registration).
Conclusion:
The ever-evolving landscape of cybersecurity remains a challenge for businesses across the globe. With Ransomware-as-a-Service (RaaS) rising as a formidable threat, it’s crucial for organizations to stay abreast of the latest malware trends. OpenText Cybersecurity’s revelations provide invaluable insights into what 2023 holds in store in the realm of online threats. We invite readers to share their thoughts and experiences in the comments below. Let’s foster a dialogue to further strengthen our collective cybersecurity stance!