Criminal hackers offering Ransomware-as-a-Service (RaaS) are reorganizing their business following the May 2021 ransomware attack on the US oil company Colonial Pipeline.


Several RaaS operators have either permanently or temporarily closed down their platforms, and several top-tier dark-web forums have banned recruitment operations from their platforms. As a result, the number of RaaS attacks decreased for a short period of time over the summer of 2021. However, other RaaS operators have since been quick to take over.


It is likely that some of these seasoned cyber criminals have not ceased their malicious activities but merely switched over to new platforms, causing the number of RaaS attacks to reach the same levels as seen before the Colonial Pipeline attack.


Consequently, the fact that parts of the supply chain can be replaced without seriously disrupting or hampering criminal activities is a testament to the robustness of the supply chain in criminal networks.

  • create Author

    Centre for Cybersecurity

  • today Release Date

    October 28, 2021

description Download publication