In this episode of ‘Cybersecurity Today,’ the host welcomes Tammy Harper from Flair.io for an in-depth exploration into the ransomware ecosystem. Tammy, a seasoned threat intelligence researcher and certified dark web investigator, shines a light on the complex world of ransomware, its history, business models, and the various threat actor groups involved. The discussion covers initial access brokers, notable ransomware groups like Conti and LockBit, and modern shifts in the ransomware landscape fueled by AI and affiliate models. This episode offers a comprehensive guide for understanding how ransomware operates and the tactics used by cybercriminals, making it a must-watch for anyone interested in cybersecurity.
00:00 Introduction
00:50 Meet Tammy Harper: Expert in Ransomware
01:59 Understanding the Ransomware Ecosystem
03:26 Ransomware Business Models and Initial Access Brokers
06:39 Double and Triple Extortion Explained
10:50 The Evolution of Ransomware
15:43 The Role of Cryptocurrency in Ransomware
19:22 The Rise and Fall of Conti
25:56 Tools of the Trade: EMOTET, ICEDID, and TrickBot
33:35 LockBit and the Ransomware Cartel
36:37 The National Hazard Agency and Ba Lord
38:13 LockBit Training Materials
40:23 Ransomware Negotiations
40:54 Ransom Chat Project
41:58 Conti vs. LockBit Negotiation Tactics
47:30 Modern Ransomware Groups
51:18 Medusa and Other Emerging Groups
01:04:52 Initial Access Market
01:09:41 Conclusion and Final Thoughts
Read the original article: