"The era where two or three RaaS operators controlled the majority of incidents appears to be over - at least for now. The distinction between initial access brokers, affiliates and core operators has become increasingly blurred."
"Their tactics tend to be more aggressive and less constrained by the traditional norms that previously deterred attacks on certain sectors such as healthcare."
"still very active"
Ransomware-as-a-service (RaaS) remains a dominant force despite major law enforcement takedowns. Crackdowns have produced a notable splintering of the ransomware ecosystem, blurring the lines between initial access brokers, affiliates, and core operators. The threat environment has become more fragmented yet still very active. Numerous smaller operations, including DragonForce, have filled gaps left by large groups and have adopted more aggressive tactics that disregard prior sectoral restraints such as avoiding healthcare. Data encryption in attacks is declining as organizations strengthen backups and recovery processes, reducing the effectiveness of traditional encryption-based extortion. Attackers continue to adapt their methods.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]