Resources

In this interview Rodrigo Andrade receives Kurtis Minder, CEO of GroupSense and Ransomware Negotiator. They talk about what to do in case of attacks, who are the main targets and how to prevent and stay safe from these crimes.

Ransomware. Does that term ring a bell? Even if you've never heard those words before, trust me, most of us have experienced Ransomware one way or another. If you live on the East Coast, you remember waiting long hours at the gas pump this past May. That's because a hacking group known as DarkSide hacked the Colonial Pipeline. The hackers demanded a ransom for 75 bitcoins which is equivalent to $4.4 million. How did the hackers break into the oil company's system? Easy. Some employees used the same password they used on another account that was previously hacked. And guess what? Colonial Pipeline paid the ransom and the hackers. $4.4. million dollars—gone, just like that.

The Ragnar Locker ransomware gang put its victims on notice: If victims call investigators, the FBI or ransomware negotiators for help the punishment will be publishing encrypted files.

Bryce Webster-Jacobsen, Director of Intelligence Operations at digital risk protection / ransomware negotiators GroupSense, was a featured guest on Threatpost’s podcast this week. Bryce spoke to Lisa Vaas about what Ragnar Locker got wrong about ransomware negotiators. Below are a few highlights from the conversation.

Kurtis Minder shielded his laptop screen from prying eyes in the airline seats around him.

On Monday, cryptocurrency finance firm the Poly Network ended its strange journey with a hacker or hackers who stole $611 million, when the remaining funds were returned. It was a sequence of events so baffling, it will leave many people to wonder if common-sense rules for negotiations still apply.

They used to be a safe space for hackers to coordinate attacks, but with online forums worried about unwanted attention from law enforcement, many have banned ransomware posts. And—as is usually the case in the whack-a-mole game of hacking—cybercriminals are finding a way around the new restrictions: a coded language to bypass suspicion.

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” The frequency of ransomware attacks has increased dramatically over the past year, with 93% more carried out in the first half of 2021 than the same period last year. Ransom payments topped over $400 million last year and is on pace for another record breaking year in 2021. Although those payments may seem jaw-dropping its nothing compared to the damage that a ransomware attack can cause on enterprises and critical infrastructure such as the attack on Colonial Pipeline.

On today’s No Name Security Podcast, Matt Stephenson welcomes 3 people doing very cool things in a very cool industry… and… they happen to be to very cool people. Kurtis Minder is the co-founder and CEO at GroupSense, Tom Pace is the co-founder and CEO at NetRise and Scott Scheferman is the Chief Strategist at Eclypsium. They are each legendary incident response types who were at Black Hat for a multitude of reasons. Why were they there…? Stick around and find out!

Ransomware is a present-day digital plague — cold, methodical and indifferent. Spreading from source to source, it can lie dormant within networks for years, biding its time before striking.

When: August 6th, 1:00 pm to 2:00 pm PST

Where: DEF CON main stage panel

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” After an awkward adolescence spent shaking down individual users for a couple hundred dollars and a big debut in 2017 with WannaCry and NotPetya , ransomware really hit the big time in 2020.