Gurvais Grigg, Chainalysis public sector CTO, and Kim Grauer, director of research at Chainalysis, review the ransomware landscape. Show Highlights:

• their backgrounds and roles at Chainalysis
• how a ransomware attack works
• what types of businesses are usually targeted in ransomware attacks
• why ransomware as a service (RAAS) is a booming business
• why Kim and Gurvais believe the hacking group REvil is becoming more sophisticated
• what characteristic of REvil hints that the group could be affiliated with Russia
• how the RAAS business model works
• how ransomware payments can be tracked
• why ransomware reporting has a data problem
• why Bitcoin is the preferred method of payment amongst ransomware attackers
• what two factors makes BTC preferable to privacy coins
• how ransomware groups teach victims to transfer BTC
• how ransomware groups cash out of their BTC
• how counter-terrorism tactics can help fight ransomware attacks
• how the Department of Justice may have partially recovered part of the Colonial Pipeline ransomware payment
• what tools and strategies governments can and will use to battle ransomware

Thank you to our sponsors!

Crypto.com: https://crypto.onelink.me/J9Lg/unchainedcardearnfeb2 

Tezos: https://tezos.com/discover?utm_source=laura-shin&utm_medium=podcast-sponsorship-unconfirmed&utm_campaign=tezos-campaign&utm_content=hero 

Conjure: https://conjure.finance 

 

Episode Links

 

People

Kim Grauer - Director of Research at Chainalysis

• https://www.linkedin.com/in/kimberly-grauer-a9501144

Gurvais Grigg - Global Public Sector Chief Technology Officer at Chainalysis

• https://www.linkedin.com/in/gurvais-grigg-b1027a153/ 

 

Chainalsysis Ransomware Data

• https://go.chainalysis.com/rs/503-FAP-074/images/Ransomware-2021-update.pdf  

• https://go.chainalysis.com/rs/503-FAP-074/images/Chainalysis-Crypto-Crime-2021.pdf  

• https://blog.chainalysis.com/reports/applying-counterterrorism-strategies-to-ransomware  
• https://blog.chainalysis.com/reports/eastern-europe-cryptocurrency-market-2020 

 

Ransomware Attacks

• Kaseya
• • https://decrypt.co/75246/what-the-revil-ransomware-attack-means-for-crypto
  • https://www.abc.net.au/news/2021-07-03/ransomware-attack-us-revil/100265656 
• Colonial Pipeline
• • https://ciphertrace.com/ransomware-seizure-blockchain-analytics-helps-us-authorities-seize-over-2-million-in-darkside-ransom-paid-by-colonial-pipeline/ 
  • https://www.elliptic.co/blog/us-authorities-seize-darkside 
• JBS Holdings
• • https://www.wsj.com/articles/jbs-paid-11-million-to-resolve-ransomware-attack

Other

• Chainalysis 
• • Twitter: https://twitter.com/chainalysis
  • Website: https://www.chainalysis.com/
• Who is REvil? 
• • https://fortune.com/2021/07/07/what-is-revil-ransomware-attack-kaseya/
  • https://unit42.paloaltonetworks.com/revil-threat-actors/ 
• Combating ransomware: https://securityandtechnology.org/ransomwaretaskforce/report/ 
• Why Gurvais joined Chainalysis: https://blog.chainalysis.com/reports/gurvais-grigg-chainalysis 

Learn more about your ad choices. Visit megaphone.fm/adchoices