(844) 627-8267
(844) 627-8267

How Ransomware Groups Respond to External Pressure | #ransomware | #cybercrime

Yelisey Bohuslavskiy of Red Sense on Why Large Ransomware Groups Have Decentralized

Yelisey Bohuslavskiy, chief research officer and partner, Red Sense

Ransomware groups, like legitimate businesses, must adapt and change as they grow, in response to trends and external pressures – such as law enforcement actions. To survive, many large ransomware groups have adopted decentralized structures, said Yelisey Bohuslavskiy, chief research officer and partner with Red Sense.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

The now-defunct Conti group’s downfall was triggered by a single leader’s controversial statement about supporting Russia’s invasion of Ukraine. This caused other leaders within the group to recognize the vulnerability of being dependent on centralized leadership and resources. As a result of “lessons learned,” Bohuslavskiy said, the operation restructured as independent, decentralized units “to prevent having one person take down the whole operation.”

In this video interview with Information Security Media Group at Black Hat USA 2023, Bohuslavskiy also discussed:

  • Why adversaries are relying on customized malware;
  • How compliance audits and cyber insurance requirements have shaped the ransomware landscape;
  • How ransomware actors refine their targets by avoiding sectors unlikely to yield ransom payments.

Bohuslavskiy previously served as co-founder and head of research and development at threat intelligence firm Advanced Intelligence. He previously worked as a cyberthreat intelligence analyst at Flashpoint and due diligence researcher at Kroll.

Source link

National Cyber Security