RaaS - Dangerous Model of self service ??

In the era of Iaas,SaaS & PaaS cloud self services, some people from Russia have introduced a new self service called "RaaS" nothing but "Ransomware as a service".

What is Ransomware?

It is a type of malicious software designed to block access to a computer system until a sum of money is paid.

But in order to carry out an ransom ware attack an user might require good technical knowledge about how to use the ransom ware to carry out a attack on a victims computer.

That is when a hacker took the "Karmen" an open-source ransom ware building toolkit and designed web-based control panel hosted on the Dark Web with a user-friendly graphical dashboard that allows buyers to configure a personalized version of the Karmen ransomware.

The web portal lets buyers maintain the count of number of infections and their profit in real time, allowing any user with very minimal technical knowledge to deploy Karmen on victim's computer. Simply saying an "On Demand Service".

Like the typical ransom ware, post infection the Karmen ransom ware encrypts the victim's files & popup a threatening message warning users not to interfere with the malware else, they might lose all their files.Currently the service is being sold on Dark Web for $175.

This shows even hackers are doing their best to make sure end users tasks are simplified and their product reaches all, for better destruction of It & financial assets.

With various developments which are happening in the IT industry, Imminent threats through modern methodologies are also increasing in parallel. This clearly proves cyber security is one important spectrum in any organization or nation's infrastructure to thwart any kind of intruders to safeguard their assets. Like Ops,Dev,Engineering, Cyber Intelligence unit will become common vertical in any organization it may be a Enterprise or SME.

Implementing developing trends like machine learning & AI for Network traffic anomaly detection, Risk Assessment, cyber forensics and intrusion detection/prevention will surely give the edge over the malicious threats roaming around us.