Security News > 2021 > May > Ransomware attribution: Missing the true perpetrator?

Historical focus solely on attribution has made way for consideration of the human and financial toll that ransomware can have, not only to an organization but also to wider society.

Recent events have introduced the world at large to ransomware variants previously only discussed within the information security industry.

Through ransomware-as-a-service there exists a business model that supports 'partners' to carry out attacks against victims, and to share the profits with the developers of the ransomware.

Recent ransomware attacks, using tools such as DarkSide, were indeed carried out by such partners.

Fast forward a few months and the growth of Sodinokibi may have answered those questions, while confirming that rumours of senior partners' retirement from the ransomware scene may have been greatly exaggerated.

While the developer(s) should not escape the ferocity of anger placed upon them, it seems the affiliates continue their activities and can simply move to any number of other schemes should actions lead to the disruption of the ransomware group they have agreed to work with.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/FqiCrTelPYA/