Over the course of this year, DarkSide, a group of Russian hackers got the attention of the U.S. Department of State. In May 2021, DarkSide was responsible for a ransomware attack on Colonial Pipeline, extorting $5M for not leaking data they had on the Pipeline’s network. This is considered to be one of the major ransomware attacks on the U.S. infrastructure to this date. What we know about the DarkSide is that they: Operate as Ransomware as a service (Raas) Get their ransom in Bitcoin The U.S. Department of State issued an award of $10M for information that would lead to finding the group’s leaders. What makes Raas service concerning? Will the use of Bitcoin lead to DarkSide’s downfall? How come the U.S. Department of State got involved in this case? Let’s find out. What makes ransomware as a service especially dangerous? Ransomware as a service (Raas) is a strain of ransomware attacks that gives common people tools to conduct cyber attacks. Similar to other types of ransomware, the perpetrator uses malware to obtain access to a victim’s network. Once they grant access to sensitive data – they demand ransom. Raas works as software that’s dubbed affiliate – meaning users can buy it on underground forums and use it to create ransomware attacks. What makes this dangerous? You don’t have to be a hacker to extort companies with Raas. Anyone, even people with little to no skill can purchase an affiliate and target someo...
