Have you ever wondered just who are the bad guys that do cyber attacks?
Well, in this three-part series of cyber security fundamentals by Onsite Logic, we’ll be talking about the three main players: the big guys, the little guys, and the local connection guys.
The big guys in the world of ransomware and extortionware are the enterprise-level players.
They’re large organizations that can comprise hundreds if not thousands of individuals, and they operate like any other business, although in an illegal line of business.
They have HR departments. They keep financial records. They have team-building exercises. They have vendors that they outsource things to, such as call center activities or payment processing. And they operate with the goal of making money. They just happen to make it through ransoms, extortionware, and other illegal activities centered around taking advantage of the data that exists in the world and the importance of keeping that data accessible and confidential.
They often will be contracted by nation states to do work on behalf of the state. More commonly, though, what we see is that, just like some of the old organized crime, they will have members of the government “on the payroll,” and there will be transactions on their books where they’re sending money to various government officials, either officially or unofficially, in order to avoid any trouble or prosecution.
They operate worldwide, but the majority of them are in parts of the world where they condone some of this activity because it is creating revenue streams coming into the country that didn’t get funneled up into the leadership of the organization.
They’re very difficult to identify and stop.
There have been infiltrations, which is how we learn more about them. They rebrand constantly, so they’re changing names. Their evil will exist, and it’ll go away, and then it’ll re-emerge. Players that were a part of the CONTI organization all of a sudden now will be called Black Cat, and so there’s a lot of rebranding that happens, some of it obfuscation to cover up their tracks.
And they play predominantly in the enterprise space, so they’re doing attacks such as the Colonial Pipeline or major hospitals such as UCSF or Scripps or some of the other hospital chains, and they are collecting millions and billions and trillions of dollars at a very high profit margin. Even though they play predominantly at the enterprise level, they are not above having some attacks that go against smaller and mid-sized organizations.
Stay tuned for part 2 of Who Are the Bad Guys, and if you’re looking for strong solutions to your cybersecurity concerns, don’t hesitate to reach out today!