Episode 16: How Ransomware Gangs Function With Ilana Touboul, a Cyber ​​Threat Intelligence Analyst at Cybersixgill

May 12, 2022

Listen on SpotifyListen on Apple Podcasts

Episode Summary

The number and scope of ransomware gangs’ activities grow daily. But not many organizations are aware of the risks these activities carry. Also, the ongoing war in Europe shows that battlefields exist in the digital world and can cause damage that can devastate entire economies and social orders.

Therefore, organizations must ensure constant education of their personnel regarding the importance of cybersecurity. 

In this episode of Dr. Dark Web, Ilana Touboul joins our host Chris Roberts. Ilana is a Cyber ​​Threat Intelligence Analyst at Cybersixgill and has experience in technical documentation and user guide building for military and civilian end users.

Ilana and Chris discuss ransomware gangs, how they choose their victims, their motives for attacking, and how companies and governments can protect against them.

Podcast Expert

  • Name: Ilana Touboul
  • What she does: Ilana is a Cyber Threat Intelligence Analyst at Cybersixgill.
  • Company: Cybersixgill
  • Noteworthy: Ilana has experience in technical documentation and user guide building for military and civilian end users. She converts complex notions into understandable and user-friendly documentation. 
  • Where to find Ilana: LinkedIn

Podcast Insights

🎙️ The scope of ransomware gangs’ activities varies between organizations. In addition to collecting data that they later use to blackmail their victims, some ransomware gangs also offer services to other cybercriminal groups who want to do the same. ”There were some ransomware gangs advertising what is called a ransomware program as a service. They get affiliates willing to work for this specific ransomware. Affiliates will get a share of the ransoms if the gangs successfully get a ransom payment from victims.”

🎙️ Companies must educate their employees on how to protect their data. Even though cyberattacks are happening daily, not many companies are paying attention to protecting their information. Cybersecurity depends on many factors, but it all starts and ends with people. ”One of the most important things that organizations can do actively is educate their employees and staff. You can have the technology — which is very helpful and very efficient — but sometimes, the deployment of malicious software can be just one click away, literally. So educating the staff, the employees, the stakeholders, and third parties is very important. Train them not to click on all the links. They can receive mail or not download attachments coming from suspicious emails in order to reduce the attack surface of the organization.”

🎙️ Cyber warfare goes beyond physical borders. The ongoing war in Europe proves that there are battlefields in the digital space, too, and they have their own actors and rules. ”Cyber warfare goes beyond all the orders given by the governments of one or another country. So in cybercriminal communities, there are no rules, if not only their own rules. So they can allow themselves to launch very wide scale cyberattacks and ransomware attacks, in particular, on any country they want and flag an affiliation with any government as long as it causes devastating effects on the victims.”