Summary:
In this episode of Exploring Information Security, we dive deep into the dark, complex world of ransomware gangs with returning guest Kyle Andrus. Drawing on leaked chat logs, real-world cases, and extensive incident response experience, Kyle helps us understand the internal operations, motivations, and evolution of these cybercriminal organizations.
We explore how ransomware gangs are structured like modern corporations—with developers, access brokers, negotiators, HR, and even customer support. Kyle also shares insights into how these gangs are adapting to legal pressure, sanctions, and the cybersecurity community’s defensive advancements.
Topics covered:
The organizational structure of ransomware gangs
Ransomware-as-a-Service (RaaS) models and profit sharing
Affiliate programs, access brokers, and laundering tactics
The impact of geopolitics on ransomware operations
Creative pressure tactics, including triple extortion and SEC complaints
The role of insider threats and chat log leaks (e.g., Conti)
Use of AI by defenders and attackers
The evolving response of law enforcement and regulation
Support the Podcast:
Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.
Contact Information:
Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.