'RansomOps' attacks yield record returns for perpetrators

Ransomware,Cyber,Attack,Showing,Personal,Files,Encrypted,Screen

Early ransomware campaigns relied on sending out large volumes of emails in so called 'spray-and-pray' attacks.

But a new report released today by Cybereason highlights the rise of sophisticated RansomOps attacks that are allowing ransomware syndicates to reap the benefits of record profits.

These attacks are complex and akin to the stealthy operations conducted by nation-state threat actors, meaning ransomware attacks have become harder to defend against for most organizations, and emboldened threat actors have driven up their ransom demands as more and more organizations choose to pay.

"A shift by the ransomware gangs from wide-spread to targeted attacks against organizations that have the ability to pay multi-million dollar ransom demands has fueled the rise in attacks in 2021. No two RansomOps attacks garnered more publicity last year than those on Colonial Pipeline and JBS Foods. Unfortunately, we can expect to see a continued increase in attacks in 2022, with ransom demands increasing and critical infrastructure operators, hospitals and banks having targets on their backs," says Lior Div, Cybereason's CEO and co-founder.

The report reveals the four components of RansomOps:

  • Initial Access Brokers (IABs): These infiltrate target networks, establish persistence and move laterally to compromise as much of the network as possible, then sell access to other threat actors.
  • Ransomware-as-a-Service (RaaS) Providers: Which supply the actual ransomware code, the payment mechanisms, handle negotiations with the target and provide other 'customer service' resources to both the attackers and the victims.
  • Ransomware Affiliates: These contract with the RaaS provider, select the targeted organizations and then carry out the actual ransomware attack.
  • Cryptocurrency Exchanges: That launder the extorted proceeds.

Instead of paying up which brings no guarantee of retrieving data, may have legal implications and is likely to incentivize future attacks, Cyberreason suggests organizations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

The full report is available from the Cybereason site.

Image credit: Andrey_Popov/ Shutterstock

Comments are closed.

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

Regional iGaming Content

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.