How Ransomware Evolved Into a Big Business - Ep.256
57:39 Share

Gurvais Grigg, Chainalysis public sector CTO, and Kim Grauer, director of research at Chainalysis, review the ransomware landscape. Show Highlights:

• their backgrounds and roles at Chainalysis
• how a ransomware attack works
• what types of businesses are usually targeted in ransomware attacks
• why ransomware as a service (RAAS) is a booming business
• why Kim and Gurvais believe the hacking group REvil is becoming more sophisticated
• what characteristic of REvil hints that the group could be affiliated with Russia
• how the RAAS business model works
• how ransomware payments can be tracked
• why ransomware reporting has a data problem
• why Bitcoin is the preferred method of payment amongst ransomware attackers
• what two factors makes BTC preferable to privacy coins
• how ransomware groups teach victims to transfer BTC
• how ransomware groups cash out of their BTC
• how counter-terrorism tactics can help fight ransomware attacks
• how the Department of Justice may have partially recovered part of the Colonial Pipeline ransomware payment
• what tools and strategies governments can and will use to battle ransomware

Thank you to our sponsors!

Crypto.com): https://crypto.onelink.me/J9Lg/unchainedcardearnfeb2) 

Tezos: https://tezos.com/discover?utm_source=laura-shin&utm_medium=podcast-sponsorship-unconfirmed&utm_campaign=tezos-campaign&utm_content=hero) 

Conjure: https://conjure.finance) 

Episode Links

People

Kim Grauer - Director of Research at Chainalysis

• https://www.linkedin.com/in/kimberly-grauer-a9501144)

Gurvais Grigg - Global Public Sector Chief Technology Officer at Chainalysis

- https://www.linkedin.com/in/gurvais-grigg-b1027a153/) 

Chainalsysis Ransomware Data

- https://go.chainalysis.com/rs/503-FAP-074/images/Ransomware-2021-update.pdf)  

- https://go.chainalysis.com/rs/503-FAP-074/images/Chainalysis-Crypto-Crime-2021.pdf)  

- https://blog.chainalysis.com/reports/applying-counterterrorism-strategies-to-ransomware)  

https://blog.chainalysis.com/reports/eastern-europe-cryptocurrency-market-2020) 

Ransomware Attacks

• Kaseya
• https://decrypt.co/75246/what-the-revil-ransomware-attack-means-for-crypto)

https://www.abc.net.au/news/2021-07-03/ransomware-attack-us-revil/100265656) 

• Colonial Pipeline

https://ciphertrace.com/ransomware-seizure-blockchain-analytics-helps-us-authorities-seize-over-2-million-in-darkside-ransom-paid-by-colonial-pipeline/) 

https://www.elliptic.co/blog/us-authorities-seize-darkside) 

• JBS Holdings
• https://www.wsj.com/articles/jbs-paid-11-million-to-resolve-ransomware-attack)

Other

• Chainalysis 

• Twitter: https://twitter.com/chainalysis)

• Website: https://www.chainalysis.com/)

• Who is REvil? 

• https://fortune.com/2021/07/07/what-is-revil-ransomware-attack-kaseya/)

https://unit42.paloaltonetworks.com/revil-threat-actors/) 

• Combating ransomware: https://securityandtechnology.org/ransomwaretaskforce/report/) 
• Why Gurvais joined Chainalysis: https://blog.chainalysis.com/reports/gurvais-grigg-chainalysis)

Learn more about your ad choices. Visit megaphone.fm/adchoices)