Security News > 2021 > June > Ransomware-as-a-service: How DarkSide and other gangs get into systems to hijack data
Expert says all companies are at risk, but especially smaller ones who may not have very secure systems.
They're basically like companies and that's the challenge with ransomware now is it's moved from this sort of opportunistic thing where there were a few criminals scattered around the world doing this, to being these as-a-service operations that basically mean any enterprising criminal can get access to ransomware for, I've seen it for less than $100, and then use that to infect stuff.
Marc Rogers: That's exactly right and we have a lot of evidence that the affiliates behind DarkSide literally scan the internet, looking for companies that have open systems with well-known old vulnerabilities.
What wasn't taken into account is that without the actual company being able to function, it doesn't matter if you have these control systems safe, there's nobody there to operate them and so it can't work.
I think the next thing is that even small companies should recognize they can be victimized by these ransomware gangs because the affiliates who operate off the back of this ransomware-as-a-service don't care who they're attacking.
If you're a 10-person or a 20-person company that doesn't even have a security team, how do you deal with this? And what I would say is reach out and find resources that can support you because ultimately the cost of dealing with one of these instances is going to far outweigh the cost of having, say, a managed security services provider on retainer.