This May 12 is the global Anti-Ransomware Day

This Wednesday, May 12, the Anti-Rransomware Day is celebrated. It was established by the cybersecurity company Kaspersky and INTERPOL to raise awareness about the effects of cyberattacks that require the payment of ransoms to people and companies, which coincides with the anniversary of the WannaCry cyberattack.

The groups responsible for ransomwar’ often hide the real complexity of the ecosystem of these attacks, but to help organizations understand how it works and how to combat it, Kaspersky analyzed the ‘darknet’ forums and investigated the groups REvil and Babuk , one of the most active, debunking some of the myths about ransomware.

Like any industry, the ransomware ecosystem is made up of many actors who take on various roles, in the face of the belief that the groups are actually closed gangs.

Among the main players involved in most attacks, Kaspersky cites developers, ‘botmasters’, access vendors and operators of ransomware.

These actors meet in specialized forums of the ‘darknet’, where you can find regularly updated announcements offering services and collaboration agreements. Large players that operate on their own do not frequent these types of site. However, groups known as REvil publish their offers and news on a regular basis using affiliate programs.

This type of participation implies a partnership between the operator of the ransomware group and the affiliate. In it, the attack operator takes a part of the benefits, between 20 and 40 %, while the remaining 60 or 80 % goes to the affiliate.

K. Tovar

Source: dpa