Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management

Eyeing Bigger Targets, Ransomware Gangs Recruit Specialists

Hacking, Encryption and Negotiation Skills in Demand, Says Coveware's Bill Siegel
Bill Siegel, CEO, Coveware

When startups grow bigger, they inevitably hire more employees to handle increasingly specialized tasks. The same goes with nascent, illegitimate enterprises, such as ransomware gangs, including Maze and the Sodinokibi - aka REvil - ransomware-as-a-service operation, which have been looking to conduct more sophisticated attacks to help them take down larger targets and demand higher ransoms.

See Also: Responding to the Intensifying Threat Landscape

"When they get larger, the one or two people that have a certain specialization can't wear every single hat," says Bill Siegel, CEO of ransomware incident response firm Coveware. "So they bring in people with different specializations: people that specialize in the exfiltration of data, people that specialize in the cloud storage and moving around large volumes of stolen data, people that specialize in the negotiations and people who specialize in encryption and decryption. It turns into a big organization."

In a video interview with Information Security Media Group, Siegel discusses:

  • Why and how many ransomware-wielding gangs have adjusted their tactics, including embracing data exfiltration and leaking, to force more victims to pay;
  • How less expensive but still effective ransomware-as-a-service variants have lowered cybercrime barriers to entry;
  • Remote desktop protocol and other top attack vectors being targeted by gangs.

Siegel is CEO and co-founder of Coveware. Previously, he served as CFO of SecurityScorecard, head of NASDAQ Private Market and CEO of SecondMarket.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.