Resources

The Ragnar Locker ransomware gang put its victims on notice: If victims call investigators, the FBI or ransomware negotiators for help the punishment will be publishing encrypted files.

Bryce Webster-Jacobsen, Director of Intelligence Operations at digital risk protection / ransomware negotiators GroupSense, was a featured guest on Threatpost’s podcast this week. Bryce spoke to Lisa Vaas about what Ragnar Locker got wrong about ransomware negotiators. Below are a few highlights from the conversation.

Kurtis Minder shielded his laptop screen from prying eyes in the airline seats around him.

Ransomware attacks have increased significantly over the past year. There were 93% more ransomware attacks carried out in the first half of 2021 than the same period last year.

On Monday, cryptocurrency finance firm the Poly Network ended its strange journey with a hacker or hackers who stole $611 million, when the remaining funds were returned. It was a sequence of events so baffling, it will leave many people to wonder if common-sense rules for negotiations still apply.

They used to be a safe space for hackers to coordinate attacks, but with online forums worried about unwanted attention from law enforcement, many have banned ransomware posts. And—as is usually the case in the whack-a-mole game of hacking—cybercriminals are finding a way around the new restrictions: a coded language to bypass suspicion.

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” The frequency of ransomware attacks has increased dramatically over the past year, with 93% more carried out in the first half of 2021 than the same period last year. Ransom payments topped over $400 million last year and is on pace for another record breaking year in 2021. Although those payments may seem jaw-dropping its nothing compared to the damage that a ransomware attack can cause on enterprises and critical infrastructure such as the attack on Colonial Pipeline.

On today’s No Name Security Podcast, Matt Stephenson welcomes 3 people doing very cool things in a very cool industry… and… they happen to be to very cool people. Kurtis Minder is the co-founder and CEO at GroupSense, Tom Pace is the co-founder and CEO at NetRise and Scott Scheferman is the Chief Strategist at Eclypsium. They are each legendary incident response types who were at Black Hat for a multitude of reasons. Why were they there…? Stick around and find out!

Ransomware is a present-day digital plague — cold, methodical and indifferent. Spreading from source to source, it can lie dormant within networks for years, biding its time before striking.

When: August 6th, 1:00 pm to 2:00 pm PST

Where: DEF CON main stage panel

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” After an awkward adolescence spent shaking down individual users for a couple hundred dollars and a big debut in 2017 with WannaCry and NotPetya , ransomware really hit the big time in 2020.

Kurtis Minder joined Security Guy TV for a discussion on ransomware negotiation and ransomware preparedness programs.