Please wait, authorizing ...

Don't have an account? Register here today.


Ransomware as a Service (RaaS) on the Rise in Latin America

Ransomware como servicio RaaS

Latin America. Oswaldo Palacios of Guardicore commented that RaaS, the sale of ransomware to people without great technical knowledge, is a service offered by cybercrime groups such as Conti and is booming in Colombia, Mexico and Brazil.

This service, better known as RaaS and which gives the buyer the possibility of attacking a specific object, has increased its offer in the Latin American region due to the appearance of new groups that offer these services through the Dark Web and Deep Web.

According to Akamai's 2022 ransomware threat report, such ransomware-as-a-service groups have taken on similar operating structures to companies looking to extort, so they have practices like customer service and new employee training.

Oswaldo Palacios, senior account executive at Guardicore, estimated that a greater number of ransomware attacks carried out in 2021 were via RaaS due to its accessibility.

- Publicidad -

According to the expert, in the RaaS model "a hacker or group of hackers develop a ransomware and put it on sale on the Dark Web and Deep Web, so that anyone, without the need to have great technical knowledge, can buy it and use it to carry out sophisticated attacks against companies or public institutions in a relatively simple way"

Oswaldo explained that previously a large-scale attack operation required cybercriminals to be qualified hackers, however, now thanks to x-as-a-service models this is no longer necessary. According to their considerations, the RaaS model benefits malware developers because it allows them to focus on improving their ransomware while their affiliates focus on distribution, a highly lucrative exercise.

However, since ransomware-as-a-service groups operate similarly to software development companies, they sell or rent compact, easy-to-deploy malware kits, they even offer support services to emerging cybercriminals, thus reducing the barrier to entry, as well as accelerating the introduction and spread of attacks.

Moreover, the Akamai study reveals that Conti is one of the most lethal groups generating RaaS variants from Russia. But competition among RaaS suppliers has also increased and the emergence of new groups has been detected.

"Although there is no way to know the exact location of these cybercriminals, there are tools and methodologies to mask the location and be able to attack any target from a country other than the location of the criminals. Location is presumed due to attacked companies, language and ransom messages. On some occasions the Cyber Police have managed to track the connections or attack centers, with Colombia, Mexico and Brazil being the countries with the highest cybercriminal activity in Latin America," Palacios said.

Similarly, the Akamai report highlights that it is not surprising that Conti's attacks target specific regions. In addition, the cybercrime organization has revealed that they have several departments in charge of administration, finance and human resources, along with a classic organizational hierarchy with team leaders who depend on senior management.

How RaaS works
This service operates mostly through four ways: (1) paying a monthly subscription in exchange for using the ransomware; (2) through affiliate programs, where in addition to the monthly fee a commission is also paid from the benefits of the ransom; (3) by means of a single-use license without commission; (4) or through commissions, i.e. there is no monthly or entry fee, but the developers of the ransomware take a commission for each successful attack and ransom received.

- Publicidad -

Despite this, organizations can implement strategies to mitigate the impact of potential ransomware attacks. While it is not always possible to prevent a ransomware attack from occurring, entities can improve their ability to respond to these incidents and minimize the damage caused.

Micro-segmented data center effective prevention
Having a micro-segmented data center is relevant to protect digital assets and one of the most efficient ways to maintain a safe and smooth operation.

Oswaldo Palacios, explained that a micro-segmented data center works by authorizing communications and access in a granular way, this means "at the process level", so there would be no way in which an attacker can access important data. He even confirmed that "if the attack comes from within the organization, it cannot spread and is easily located, so we are facing a disruptive tool from the point of view of cybersecurity."

Iris Montoya Ricaurte
Author: Iris Montoya Ricaurte
Periodista con amplia experiencia en corrección de estilo y generación de contenidos de valor para el sector especializado -

No thoughts on “Ransomware as a Service (RaaS) on the Rise in Latin America”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Entrevista con Mauricio Swain de Milestone en Expo Seguridad 2022

La participación de Milestone Systems en Expo Seguridad 2022 estuvo caracterizada porque la marca estaba impulsando su solución Rapid Review, un pulg-in para hacer búsquedas forenses en videovigilancia y por la participación de Mauricio Swain, el nuevo director de ventas para Latinoamérica, quien asumió el cargo en el mes de mayo.

Entrevista con Carlos García Almeida de Magal Security Systems en Expo Seguridad 2022

Magal Security Systems sorteó los retos de logística tras la pandedia al tener una previsión de la demanda y comunicarse de forma directa con los clientes. En su participación de Expo Seguridad 2022, esta marca estuvo impulsando su plataforma Fortis X, recientemente actualizada , la cual sirve para la gestión de seguridad, operatividad y de eficiencia, en puertos marítimos y centros logísticos.

Entrevista con Mauricio Cañas de Johnson Controls en Expo Seguridad 2022

Inteligencia Artificial en las cámaras de las líneas Pro y Flex, una cámara multisensor Pro y los dispositivos Body Worn, así como controles de acceso fueron las múltiples novedades que presentó Johnson Controls en Expo Seguridad 2022

Entrevista con Tatiana Bolivar y Alejandro Espinosa de HID en Expo Seguridad 2022

Impresión de tarjetas con tecnología de inyección de tinta y gestión de la información para la generación de credenciales centralizada en la nube, así como los servicios de tarjetas virtuales para el control de acceso, fueron las soluciones que presentó la marca HID en Expo Seguridad 2022.

Entrevista con Antonio Arceiz de Gesab en Expo Seguridad 2022

La propuesta de Gesab para la versión 2022 de Expo seguridad se concentró en su version nueva de Deskwall, una herramienta pensada para que el operador del Videowall, en vez de enfrentarse a múltiples y enormes pantallas, pueda gestionar la información desde un lugar que no escape a su campo de visión.
Load more...

Latest Newsletter