Ransomware & Russia

Ransomware remains one of the largest threats in cybersecurity. This threat only keeps growing larger and larger. More Ransomware parties are coming up and the amount of attacks is drastically increasing. Most Ransomware parties are from Russia or have members from Russia. Not only that, but these parties also have connections to i.e. Russian intelligence officers. We learned this from leaked chat logs from such a Ransomware party.

In this talk we will be looking into a couple of the largest Russian ransomware parties, how they operate, their structure and hierarchy, how they launder the money, etc. Most of which we learned from leaked chat logs.

Another big leak from this year were the Vulkan files, which provided insight into Russia's offensive cybersecurity program against Western countries. Russia is cooperating with different threat actors and organizations to achieve their goals in offensive cybersecurity. In the leaked chats there have also been examples of Russia collaborating with this Ransomware party to obtain vaccination information through hacking activities, during the start of the Covid pandemic, and cooperating to hack and silence a Bellingcat journalist who was writing about Navalny.