The Evolution of Ransomware | Torchlight Security

Understand the current trends in ransomware, from tactics to targets and learn how to protect your business.


The Evolution of Ransomware

Over the past 40 years, the threat of ransomware has grown exponentially from initial generalized threats to targeted and specialized takedowns. New technology and the organization of perpetrators have evolved, and ransomware demands have never been higher. In this post, we break down current trends and origins, so you can determine how to best protect your business.

Traditional Ransomware

  • Many targets, limited differentiation, or control
  • Victims not often complying

Post-Intrusion Software

  • Maximized destruction
  • Reduced to specialized targets
  • More control over deployment with higher ransom demands and payments


  • Less easily trackable
  • Allows large scale payments to hackers quickly

Ransomware as a Service (RaaS) Model

  • Specialization between Initial Access Specialists or Brokers, Affiliates, and Operators allowing for greater scale in ransomware operations
  • Same cybercriminal organizations that are building the malware, etc. aren’t usually the ones deploying it
  • Allows for better organized attackers to hunt for big name targets
  • Also allows individual attackers to randomly target, find, and exploit vulnerabilities across a diverse range of victims

Name and Shame Operations

  • Threaten to publish stolen data if the ransom isn’t paid

Shift from Name and Shame to Data Theft and Sale

  • Shift away from ransomware to simple data theft – doesn’t leave the operators potentially exposed to government scrutiny or search
  • Exfiltrating data instead of just infiltrating and encrypting

What can you do to protect your company against the evolving threat of ransomware?

  • Ensure your company is diligent with core security hygiene including up to the minute patching and replacing obsolete SSL protocols
  • Create a well-documented and well-practiced incident response plan
  • Ensure policies, controls, and security training is in place for staff
  • Adopt the zero-trust methodology
  • And more…

How can you protect your company?

  • Contact us to design, build, and manage your company’s security risk strategy so you can continue operating and running your business.