Ransomware as a Service to increase profits
NetWalker adopted the RaaS (Ransomware as a Service) model, in under which the developer (or administrator) builds and updates the malware, while the affiliates identify the victims and execute the attacks. When the victims pay the ransom, the sum is split between the developer and the affiliates.Since this model involves more attacks, it is difficult to quantify exactly the amounts paid. Cybercriminals ask for ransom in Bitcoin or other cryptocurrencies, so the analysis of the blockchain allows to find the culprits. In the case of NetWalker, earnings of over $ 46 million have been estimated with ransoms of up to $ 65,000. The main targets are companies, municipalities, governments, hospitals and law enforcement agencies. ENEL was also one of the victims, but the ransom was not paid.
According to data from Chainalysis, nearly 350 million dollars were paid by ransomware victims in 2020. According to Bitdefender, the trend is expected to increase also in 2021. The advice is to make frequent backups to reduce the risk of losing data (the ransom must never be paid).
Source: CERT-AGID