Help Net Security has written an article discussing the consequences of the service-oriented ransomware industry’s growth. Due to the intense profitability of the industry, criminals have reproduced a legal economy with major ransomware groups using third parties and subcontractors while offering a menu of services to criminal consumers.
This “successful” business model creates significant consequences for network defenders, as this ecosystem produces modular malware and on-demand infrastructure available to anyone with motivation and an internet connection. Furthermore, threat actors have become harder to distinguish as they each purchase from the same criminal vendors, obfuscating identification. In this environment, the author urges readers to proactively mitigate common tools and methodologies by focusing on broader threat intelligence trends over specific threat actors. Furthermore, they promote organizations developing and exercising an incident response plan to give employees “muscle memory” once an attack has occurred. Read more at Help Net Security.