Resources

Dark Reading: What the Conti Ransomware Group Data Leak Tells Us

Written by Editorial Team | Mar 24, 2022 2:45:28 PM

Recently Bryce Webster-Jacobsen, Director of Intelligence Operations at GroupSense, was featured on Dark Reading's "What the Conti Ransomware Group Data Leak Tells Us".

"Knowing the inner workings of Conti will not only help ransomware negotiators but also help organizations to better handle a ransomware attack when it happens."

As tensions continue to rise regarding Russian's invasion of Ukraine, the Conti ransomware group — a Russia-based organization responsible for high-profile attacks on large enterprises as well as critical infrastructure networks — initially announced its support of Putin's invasion on the group's data leak site before issuing a retraction, claiming it condemns "the ongoing war." Conti noted in a follow-up statement on March 1 that "retaliatory measures" would be taken if the West launched cyberattacks against Russia or Russian-speaking countries.

However, on Feb. 27, a Ukrainian security researcher leaked almost two years' worth of internal chat logs from the group, which contain approximately 400 files, including thousands of internal chat logs.

At GroupSense, we maintain a thorough library of intelligence on ransomware groups, including Conti, developed through our ongoing research and ransomware negotiations. Most notably, we knew that Conti operated like a traditional business as well as about its ties to Russia; however, the leaks revealed more details about the inner workings of Conti — its ransomware-as-a-service (RaaS) structure, the business challenges it faces, certain behaviors, and more. Here's some of the key data we learned so that you can better understand the group and protect your organization.

Read the full article on Dark Reading to find out:
  • Operational and Pay Structure
  • False Claims and Business Challenges
  • Office Politics and Negotiation Behavior

Click here to see the Dark Reading article >

About Bryce Webster-Jacobsen

Bryce is the Director of Intelligence Operations at GroupSense, a leading provider in Digital Risk solutions. Bryce leads the day-to-day intelligence activities of GroupSense's Analyst and Research teams producing finished, tailored intelligence for our diverse clients.

Prior to GroupSense, Bryce worked in strategic international education initiatives while pursuing OSINT training and investigations, primarily focused on studying extremist movements, as a passion project.