Ransomware attacks have become a pressing global issue, witnessing a staggering 40% increase in both frequency and severity over the past year.
Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 AFRICA, has cautioned that South Africans are particularly vulnerable due to the escalating use of Ransomware-as-a-Service (RaaS).
The use of RaaS has surged by 40% over the last year, as threat actors now sell their sophisticated ransomware solutions and services, retaining up to 80% of the profits.
The availability of RaaS solutions on the dark web has rapidly escalated the threat of ransomware attacks.
These solutions are accessible at various price points, ranging from less than $100 to thousands of dollars, and often come with customer support, enabling attackers to execute multiple ransomware attacks with minimal technical expertise.
This accessibility has led to the evolution of ransomware, with cybercriminals focusing on enhancing its sophistication and capabilities to cater to the demands of potential buyers in the cybercriminal market.
South Africa is at increased risk due to its widespread use of English, making it an attractive target for attackers who need to negotiate with their victims in a common language.
The private and public sectors in South Africa heavily rely on digital infrastructure for critical operations, with companies prioritizing digitalization efforts to stay competitive in local and global markets. However, this increased reliance on digital platforms has exposed the country and its companies to vulnerabilities and risks.
Collard notes that North America, once the primary target for ransomware attacks, has seen a downward trend due to stringent government actions. This has led threat actors to turn their attention to countries like South Africa, which lack the resources and systems to combat cybercrime effectively.
The recent Cy-Xplorer 2023 report by Orange Cyberdefense highlights the evolving RaaS market and the changing targeting patterns, emphasizing the need for South African organizations to address the rising ransomware threat. RaaS has been simplified and commoditized, making it as easy to use and implement as a smartphone app.
Collard stresses the importance of user awareness in combating these threats, urging individuals to remain vigilant and companies to continually train and remind employees of the risks to prevent complacency.
Recognizing threats, being cautious with passwords and information, and reinforcing these messages are crucial steps in protecting data, people, and systems from the increasing prevalence of RaaS threats.