They call it “Ransomware-as-a-Service” (“RaaS”). But it’s really a franchise. A criminal franchise, but a franchise nonetheless.
It works like this: the Franchisor develops a suite of tools to hack into a victim’s computer systems, steal by downloading all of the data and then encrypt all of the data found there. The victim can no longer access its computer data, whether it’s billing records, medical records, school records, utility operating systems software or whatever. To regain access to the encrypted data, the victim has to pay ransom. If they don’t, they lose the data forever, and risk as well having the data sold on the Dark Web.
The Franchisor doesn’t hack into the victims’ computers. Instead, it uses “affiliates” – franchisees – to identify vulnerable systems and hack into them. Just like a franchise agreement, the Franchisee gets use of the Franchisor’s software for a piece of the action. They…
View original post 622 more words