Reimagining Cyber Extra! Ransomware: The Good, The Bad, and The Ugly

It’s been a mixed few weeks if you are in the ransomware game. (If you listen to this podcast, we presume you are not a cybercriminal but do get in touch if you are and leave us your full contact details).

In this episode, Rob and Stan look at the hacks that have made the headlines and suggest what can be done to stop them from happening to you.

First up for discussion is ransomware-as-a-service malware LockBit hitting ION Trading UK:
“It left scores of brokers unable to process derivative trades and they had to resort to manual methods. Imagine them going back to using spreadsheets to figure out what’s going on as far as their trades”

LockBit threatened to publish stolen data unless a ransom was paid and ION Trading did as they were told. Rob and Stan talk about the incident and the potential repercussions.

The episode also looks at a ransomware campaign targeting VMware ESXi technology:
“It’s a previously known vulnerability. It’s been out there for two years. But the reality is that organizations have been slow in patching it. There was a general warning put out by Italy’s National Cybersecurity Agency, warning about a large-scale campaign now exploiting this vulnerability. Thousands of computer servers across Europe and North America could potentially be impacted. And this context is, well if you’re not going to patch, we’ll take a advantage of that”

But there’s also been bad news for the threat actors.
Rob and Stan give their take on the sabotaging of the Hive ransomware group by the FBI and other law enforcement agencies.
“This take down shows that international enforcement against ransomware threat actors is increasing. I think this is a good sign. It may make it more difficult for some of these entities to target organizations in the future, but, they’re still ongoing and so it’s going to be difficult to truly mitigate this threat if you can’t reach those that are behind it.”

There are callbacks to other relevant episodes of the Reimagining Cyber podcast:

Episode 12, Brett Thorson, Colonial Pipeline fuels the fire: not the first, not the last, and how to protect for the future
www.buzzsprout.com/2004238/10791017

Episode 2, Jim Routh, Unconventional approaches to improve enterprise resilience
www.buzzsprout.com/2004238/10791027

Episode 27, Shawn Tuma Cyber insurance in the wake of Log4j
www.buzzsprout.com/2004238/10791001

Episode 15, Shawn Tuma – So you’ve been hacked, now what?
www.buzzsprout.com/2004238/10791014

Plus, the Galaxy threat actors report
https://publications.cyberres.com/view/679673707/

Rate and review the show on Apple Podcasts.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

OpenText has completed the purchase of Micro Focus. We are excited to provide expanded offerings to support our customers’ growing needs to digitize and work smarter. The world of information management just got stronger. We are now 25,000 experts strong making us better able to help our customers and fuel our innovation. OpenText powers and protects information to elevate every person and every organization to be their best.