Low-level cyber criminals are trying to get in on the act, using ransomware as a service, where hackers do the work in exchange for a cut of the profits for ne’er-do-wells with little or no idea about how to commit the crime themselves..
One particular unsophisticated, clumsy and amateurish ransomware campaign attempts to fool employees into installing DemonWare ransomware on their organisation’s network, in return for a substantial slice of the payout.
While dangerous, cyber criminals operating at this level are also pragmatic and less greedy than their more sophisticated and organised peers and prepared to accept much smaller sums than they initially demand. The real purpose of the exercise appears to be the wide distribution of the ransomware within companies’ IT infrastructure.. Limiting user privileges, especially admin access, can head of this type of cyberattack by reducing the number of people in an organisation who have the necessary access to key parts of the network.