What Is Ransomware-as-a-service (RaaS)?
Ransomware-as-a-Service Definition:
Ransomware-as-a-Service, shortly known as RaaS, can be described as a business model created by ransomware operators to attract affiliates. The model requires affiliates to pay the malware creators to launch ransomware attacks. The name and model is “inspired” by the software-as-a-service IT business niche.
RaaS Extended Definition: The RaaS model enables cybercriminals of all ranks to participate in malicious attacks against various targets, such as individuals and organizations. The ransomware’s author makes the malicious code available to affiliates, who then become able to use the malware to encrypt victims’ data and extort them via ransom payments in cryptocurrency. Participating in the RaaS model requires little to no specific technical skills. Furthermore, it enables affiliates to enter the cybercrime world which was previously only available to malware authors. All that is required is knowledge to access the dark web and one of its many marketplaces.
For the ransomware’s authors, the ransomware-as-a-service model makes it easier to scale their operations and earnings with less personal skills. Offering the ransomware to affiliates (a.k.a. customers) removes them from the final crime, as another person is performing the act of extortion.
Examples of RaaS families include DarkSide, Petya, Dharma, and LockBit.
For more definitions, check our Cyber Dictionary.