Earlier this week ZDNet profiled an incredible exit strategy of one of the largest Ransomware operators of the last 12 months, GandCrab.
Setting aside irony, the professionalism of the operation should catch the attention of any business owner. The operators have a Software as a Service (SaaS) business model, complete with online forum support for paying customers. They send out private emails to current customers about plans in change of service, including advising their customers to get their victims to cash in before it is too late. They are shutting down their service after claiming to have made and successfully laundered $150m.
Also, the operators plan to delete the decryption keys, so without a backup victims will be toast.
So what are the takeaways?
- Ransomware has graduated to the level of truly organized crime: these are teenagers in their parents’ basements
- The industry is so profitable AND competitive so as to have a “B2B” sphere, complete with customer support
- It was true a few years ago that ransomware operations were largely opportunistic: today the money involved means you are an active target