Fortinet predicted an increase in new vulnerabilities and more "left-hand" activity, or pre-attack reconnaissance and weaponizations, among attackers, paving the way for further escalation in the growth of Crime-as-a-Service(CaaS). And in the first half of 2022 alone, the number of new ransomware variants identified by Fortinet increased by nearly 100% compared to the previous six-month period, with the FortiGuard Labs team documenting 10,666 new ransomware variants in H1 2022, compared to just 5,400 in H2 2021.
This explosive growth in new ransomware variants is largely due to the growing popularity of RaaS on the dark web.
Like streaming media or food delivery apps, Fortinet expects cybercriminal organizations to embrace subscription-based services and purchase plug-and-play ransomware for a quick payday. To increase the pressure on victims, RaaS operators often threaten to release stolen data on the dark web if their demands aren't met.
While the number of ransomware variants introduced is skyrocketing, largely due to RaaS, ransomware payments are also on the rise. The U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN) reported that organizations paid nearly $600 million for ransomware in the first half of 2021, putting the U.S. on track to surpass the combined payouts of the previous decade in a single year.
According to one survey, 72% of respondents said they have a ransom policy in place, and the procedure for 49% of them is to pay the ransom outright.
Fortinet now predicts that the CaaS market will expand significantly through 2023 and beyond, with new exploits, services, and structured programs soon to be offered to threat actors through subscription models.