Ransomware is malicious software that encrypts data on a victim organisation’s information system, preventing access to that data. Ransomware operators demand that the victim pay a ransom in exchange for the decryption key (usually in the form of bitcoin).

The most popular ransomware at the moment is RaaS, Ransomware-as-a-Service: its proliferation is undoubtedly due to the low level of knowledge required to use it.

The RaaS business model is relatively simple: a group of cybercriminals develops ransomware and distributes it via other cybercriminals who pay to use it. The ransomware is delivered in the form of a ‘ready-to-use kit’, allowing it to be distributed at will. It should be noted that affiliation can sometimes be paid for in the form of a commission on the ransom paid by victims to the affiliate.

In general, several subscription formulas are offered. In many cases, the cheapest formula allows the affiliate to benefit only from the ransomware itself and the decryption key. Other, more expensive packages include software updates, technical support, etc!