Most people outside of the security protection industry haven’t heard of the term RAAS.  Sure, you may have heard of SAAS (Software As A Service) which is a component of the stampede to cloud computing but RAAS?  RAAS stand for Ransomware As A Service.

Ransomware As A Service is the newest development in the biggest growth market segment of computer hacking.  For several years businesses and individuals have had to deal with rogue software called ransomware that can infect their computers via e-mail or infected web sites that corrupts their data and attempts to extort a ransom payment to un-do the damage done.

Experts reported that there were over 638 million ransomware attacks in 2016 and that was an increase of 167 times the number of attacks in 2015.  They estimate that nearly one half of all business fell victim to a ransomware compaign last year and losses amounted to $1 billion worldwide.

Ransomware writers are now branching out into the Software As A Service (SAAS) market and offering their software on a rental basis to less proficient hackers who want to get in on the action.  Ransomware packages are offered to anyone for a nominal fee and a percentage of any ill-gotten gains collected.  It’s a win-win proposition for hackers.  They can increase their profits by letting other hackers do the leg work infecting computers, collect a healthy cut of the action and reduce their risk of getting caught because someone else is doing the dirty work.

What’s that mean to you?

  1. It’s going to mean continued exponential growth in Ransomware attacks on your business as more people join the action.[spacer height=”5px”]
  2. There will be a dramatic growth in the variety of exploits you’re going to face as ruses continue to get more creative to trick your staff into doing something they shouldn’t.[spacer height=”5px”]

What can you do to protect yourself?

Unfortunately, conventional anti-virus programs can only protect against threats they have seen before so you must recognize that anti-virus programs are limited in their effectiveness. You should rely on your IT security professionals to learn about the latest developments in malware detection and be prepared to upgrade as new advances become available.  (a word of caution is needed here.  Not all people in IT are experienced in computer security.  So ask questions before picking an IT Security Advisor!  Just because someone is proficient with Microsoft Word doesn’t mean they are experienced in IT security in the same way that you shouldn’t trust your dentist to perform heart surgery.  It’s not that your dentist isn’t a great dentist and a wonderful person.  It’s just a different skill set.)

Set up a multi-layer defense system using different methods to screen incoming traffic on your network.

  • We recommend off-premises scrubbing of spam and malware for all incoming e-mails to get rid of as many threats as possible before they even reach your network.  Last month, one of our local governmental clients had 78 Ransomware attacks stopped at that level BEFORE their employees even had a chance to be tricked into an infection.[spacer height=”5px”]
  • Then there should be a second inspection process at the perimeter of your network (your firewall) to further evaluate not only your e-mail but any web or other traffic entering your network that might be suspicious.[spacer height=”5px”]
  • Third, you should have a packet inspection system that monitors your network looking for suspicious activity that could indicate an infected computer on your network is communicating with an off-site hacker command-and-control-server and possibly leaking your data or downloading even more malware from it.[spacer height=”5px”]
  • Fourth, even though they can’t be you sole line of defense and are no longer capable of detecting every threat coming out endpoint anti-virus program still have value.  (New threats are introduced at the rate of over 100,000 per hour and no defense system can keep up with that onslaught.)  Look for A/V products that have heuristic detection capabilities and malware sand-boxing features.  You should invest in the BEST endpoint anti-virus program available to you.  Make sure that it also has a notification system that can alert your security team in the event of a potential infection.  Many cheaper A/V products don’t send out alerts and instead rely on the PC user to recognize when an infection occurs.  In our experience computer users general don’t recognize when they’ve been infected until it’s too late.[spacer height=”5px”]
  • Finally, regular security awareness training for your staff is critical to the defense of your computers. They need to be aware of what kinds of threats they might encounter and how to react without doing damage to your system.  Conduct AT LEAST quarterly end user security training.  Industry statistics show that this can be the single biggest thing you can do to improve your malware defenses and protect your network from damage.[spacer height=”10px”]

Again, trust your IT Security Professional to help you pick the best ransomware and malware defense systems for you and for heaven’s sake, if any IT person recommends you use a freeware anti-virus product instead of paying for a good highly rated program, fire them immediately.  Free anti-virus programs give you as much value as what you paid for it.  ZERO!