
How initial access offers power intrusions and ransomware
Initial access brokers (IABs) sell access to compromised organizations on underground forums. Here's an analysis looking at whether these offers can be correlated to ransomware attacks.
Roman Sannikov immigrated with his parents from Russia to the United States when he was a teenager. Through his parents, he kept up his Russian-language skills. For more than two decades, he worked as an interpreter for the FBI and U.S. Department of Justice, interviewing cybercriminals and even secretly acting as a moderator of a top but now-defunct Russian language cybercriminal forum. He has worked cyber threat intelligence (CTI) and blockchain analysis companies including Recorded Future, Flashpoint and TRM Labs. He now runs Constellation Cyber, a CTI consultancy based in New York. In this Studio 471, Sannikov shares his insight into the Russian cybercriminal landscape, the evolution of online crime and what lies ahead with ransomware.
Participants:
Roman Sannikov, Founder, Constellation Cyber
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
Initial access brokers (IABs) sell access to compromised organizations on underground forums. Here's an analysis looking at whether these offers can be correlated to ransomware attacks.
In this Studio 471, Jacob Larsen discusses the effects of doxing, how sites like Doxbin take advantage of legal loopholes and how to defend against being doxed.
The leader of the Black Basta ransomware group employed a trusted, experienced cybercrime actor nicknamed Tinker who he relied on for phishing content, call center management and negotiation skills.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.