Reconstructing the Organizational and Social Structure of a Ransomware Gang | A Black Hat USA 2024 Conversation with L Jean Camp and Dalya Manatova | On Location Coverage with Sean Martin and Marco Ciappelli
08/01/24 • 23 min
Guests:
L Jean Camp, Professor, Luddy School of Computing, Informatics, and Engineering, Indiana University [@IUBloomington]
On LinkedIn | https://www.linkedin.com/in/ljean/
At BlackHat | https://www.blackhat.com/us-24/briefings/schedule/speakers.html#l-jean-camp-37968
Dalya Manatova, Associate Instructor/Ph.D. Student, Luddy School of Computing, Informatics, and Engineering, Indiana University [@IUBloomington]
On LinkedIn | https://www.linkedin.com/in/dalyapraz/
At BlackHat | https://www.blackhat.com/us-24/briefings/schedule/speakers.html#dalya-manatova-48133
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this Chats on the Road episode of the On Location with Sean and Marco podcast series, hosts Sean Martin and Marco Ciappelli engage in an insightful conversation about the intricacies of modern cybercrime, specifically focusing on ransomware gangs. The discussion revolves around the research conducted by their guests, L Jean Camp, a scholar specializing in the economics of security and privacy, and Dalya Manatova, a PhD student studying security informatics and the organizational social dynamics of e-crime.
The episode explores how ransomware gangs, such as the notorious Conti group, operate much like legitimate businesses. These criminal organizations exhibit structured hierarchies, recruit testers who may not even realize they are part of an illegal operation, and employ professional negotiation tactics with their victims. The guests emphasize that the threat posed by these gangs is often misunderstood; rather than facing advanced government operations, most individuals and organizations are dealing with commoditized cyber-attacks that follow business-like procedures.
Jean and Dalya share intriguing details about their methodology, including the linguistic and discourse analyses used to map out the relationships and organizational structures within these criminal groups. These analyses reveal the complexities and resilience of the organizations, shedding light on how they maintain operational efficiency and manage internal communications. For instance, the researchers discuss the use of jargon like “cat” to refer to crypto wallets, a nuance that highlights the challenges of interpreting cybercriminal chatter.
Additionally, the conversation touches on the implications of these findings for cybersecurity practices and the broader business landscape. Jean notes the importance of information sharing and understanding the flow of chatter within and between criminal organizations. This awareness can empower defenders by providing them with better tools and methods to anticipate and counteract these threats.
Overall, the episode provides a comprehensive look at the sophisticated nature of ransomware gangs and the importance of interdisciplinary research in understanding and combating cybercrime. The session mentioned in the episode, "Relationships Matter: Reconstructing the Organizational and Social Structure of a Ransomware Gang," is slated for Wednesday, August 7th at Black Hat, promising to offer more extensive insights into this critical issue.
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
LevelBlue: https://itspm.ag/levelblue266f6c
Coro: https://itspm.ag/coronet-30de
SquareX: https://itspm.ag/sqrx-l91
Britive: ...
Guests:
L Jean Camp, Professor, Luddy School of Computing, Informatics, and Engineering, Indiana University [@IUBloomington]
On LinkedIn | https://www.linkedin.com/in/ljean/
At BlackHat | https://www.blackhat.com/us-24/briefings/schedule/speakers.html#l-jean-camp-37968
Dalya Manatova, Associate Instructor/Ph.D. Student, Luddy School of Computing, Informatics, and Engineering, Indiana University [@IUBloomington]
On LinkedIn | https://www.linkedin.com/in/dalyapraz/
At BlackHat | https://www.blackhat.com/us-24/briefings/schedule/speakers.html#dalya-manatova-48133
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this Chats on the Road episode of the On Location with Sean and Marco podcast series, hosts Sean Martin and Marco Ciappelli engage in an insightful conversation about the intricacies of modern cybercrime, specifically focusing on ransomware gangs. The discussion revolves around the research conducted by their guests, L Jean Camp, a scholar specializing in the economics of security and privacy, and Dalya Manatova, a PhD student studying security informatics and the organizational social dynamics of e-crime.
The episode explores how ransomware gangs, such as the notorious Conti group, operate much like legitimate businesses. These criminal organizations exhibit structured hierarchies, recruit testers who may not even realize they are part of an illegal operation, and employ professional negotiation tactics with their victims. The guests emphasize that the threat posed by these gangs is often misunderstood; rather than facing advanced government operations, most individuals and organizations are dealing with commoditized cyber-attacks that follow business-like procedures.
Jean and Dalya share intriguing details about their methodology, including the linguistic and discourse analyses used to map out the relationships and organizational structures within these criminal groups. These analyses reveal the complexities and resilience of the organizations, shedding light on how they maintain operational efficiency and manage internal communications. For instance, the researchers discuss the use of jargon like “cat” to refer to crypto wallets, a nuance that highlights the challenges of interpreting cybercriminal chatter.
Additionally, the conversation touches on the implications of these findings for cybersecurity practices and the broader business landscape. Jean notes the importance of information sharing and understanding the flow of chatter within and between criminal organizations. This awareness can empower defenders by providing them with better tools and methods to anticipate and counteract these threats.
Overall, the episode provides a comprehensive look at the sophisticated nature of ransomware gangs and the importance of interdisciplinary research in understanding and combating cybercrime. The session mentioned in the episode, "Relationships Matter: Reconstructing the Organizational and Social Structure of a Ransomware Gang," is slated for Wednesday, August 7th at Black Hat, promising to offer more extensive insights into this critical issue.
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
LevelBlue: https://itspm.ag/levelblue266f6c
Coro: https://itspm.ag/coronet-30de
SquareX: https://itspm.ag/sqrx-l91
Britive: ...
Previous Episode
Is Defense Winning? | A Black Hat USA 2024 Conversation with Jason Healey | On Location Coverage with Sean Martin and Marco Ciappelli
Guest: Jason Healey, Senior Research Scholar, Cyber Conflict Studies, SIPA at Columbia University [@Columbia]
On LinkedIn | https://www.linkedin.com/in/jasonhealey/
At BlackHat: https://www.blackhat.com/us-24/briefings/schedule/speakers.html#jason-healey-31682
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
Opening Remarks:
Sean Martin and Marco Ciappelli set the stage with their signature banter, creating an inviting atmosphere for a deep dive into cybersecurity. Marco introduces a philosophical question about measuring success and improvement in the field, leading seamlessly into their conversation with Jason Healey.
Meet the Expert:
Sean introduces Jason Healey, a senior research scholar at Columbia University and a former military cybersecurity leader with extensive experience, including roles at the Pentagon and the White House. Jason shares his excitement for Black Hat 2024 and the anniversary celebrations of ITSPmagazine, expressing anticipation for the discussions ahead.
The Role of Defense in Cybersecurity:
Jason previews his journey from military service to academia, posing the critical question, “Is defense winning?” He provides a historical perspective, noting that cybersecurity challenges have been present for decades. Despite significant investments and efforts, attackers often seem to maintain an edge. This preview sets the stage for a deeper exploration of how to measure success in defense, which he plans to address in detail at the conference.
Shifting the Balance:
Jason highlights the need for a comprehensive framework to evaluate the effectiveness of defense mechanisms. He introduces the concept of metrics like “mean time to detect,” suggesting that these can help gauge progress over time. Jason plans to discuss the importance of understanding system-wide dynamics at Black Hat, emphasizing that cybersecurity is about continual improvement rather than quick fixes.
Economic Costs and Broader Impacts:
Sean shifts the discussion to the economic aspects of cybersecurity, a topic Jason is set to explore further at the event. Jason notes that while financial implications are substantial, other indicators, such as the frequency of states declaring emergencies due to cyber incidents, provide a broader view of the impact. He underscores the need to address disparities in cybersecurity protection, pointing out that not everyone has access to the same level of defense capabilities.
Community and Collaboration:
Marco and Jason discuss the importance of community involvement in improving cybersecurity. Jason stresses the value of shared metrics and continuous data analysis, calling for collective efforts to build a robust defense against evolving threats. This theme of collaboration will be a key focus in his upcoming session.
Looking Forward:
As they wrap up, Sean and Marco express their anticipation for Jason’s session at Black Hat 2024. They encourage the audience to join in, engage with the topics discussed, and contribute to the ongoing conversation on cybersecurity.
Conclusion:
Sean concludes by thanking Jason for his insights and highlighting the importance of the upcoming Black Hat sessions. He invites listeners to follow ITSPmagazine's coverage for more expert discussions and insights into the field of cybersecurity.
For more insightful sessions and expert talks on cybersecurity, make sure to follow ITSPmagazine's Black Hat coverage. Stay safe and stay informed!
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____...
Next Episode
My Reflections from ITSPmagazine’s Black Hat USA 2024 Coverage: The State of Cybersecurity and Its Societal Impact | A Musing On Society & Technology with Marco Ciappelli and TAPE3 | Read by TAPE3
My Reflections from ITSPmagazine’s Black Hat USA 2024 Coverage: The State of Cybersecurity and Its Societal Impact
Prologue
Each year, Black Hat serves as a critical touchpoint for the cybersecurity industry—a gathering that offers unparalleled insights into the latest threats, technologies, and strategies that define our collective defense efforts. Established in 1997, Black Hat has grown from a single conference in Las Vegas to a global series of events held in cities like Barcelona, London, and Riyadh. The conference brings together a diverse audience, from hackers and security professionals to executives and non-technical individuals, all united by a shared interest in information security.
What sets Black Hat apart is its unique blend of cutting-edge research, hands-on training, and open dialogue between the many stakeholders in the cybersecurity ecosystem. It's a place where corporations, government agencies, and independent researchers converge to exchange ideas and push the boundaries of what's possible in securing our digital world. As the cybersecurity landscape continues to evolve, Black Hat remains a vital forum for addressing the challenges and opportunities that come with it.
Sean and I engaged in thought-provoking conversations with 27 industry leaders during our coverage of Black Hat USA 2024 in Las Vegas, where the intersection of society and technology was at the forefront. These discussions underscored the urgent need to integrate cybersecurity deeply into our societal framework, not just within business operations. As our digital world grows more complex, the conversations revealed a collective understanding that the true challenge lies in transforming these strategic insights into actions that shape a safer and more resilient society, while also recognizing the changes in how society must adapt to the demands of advancing technology.
As I walked through the bustling halls of Black Hat 2024, I was struck by the sheer dynamism of the cybersecurity landscape. The conversations, presentations, and cutting-edge technologies on display painted a vivid picture of where we stand today in our ongoing battle to secure the digital world. More than just a conference, Black Hat serves as a barometer for the state of cybersecurity—a reflection of our collective efforts to protect the systems that have become so integral to our daily lives.
The Constant Evolution of Threats
One of the most striking observations from Black Hat 2024 is the relentless pace at which cyber threats are evolving. Every year, the threat landscape becomes more complex, with attackers finding new ways to exploit vulnerabilities in areas that were once considered secure. This year, it became evident that even the most advanced security measures can be circumvented if organizations become complacent. The need for continuous vigilance, constant updating of security protocols, and a proactive approach to threat detection has never been more critical.
The discussions at Black Hat reinforced the idea that we are in a perpetual arms race with cybercriminals. They adapt quickly, leveraging emerging technologies to refine their tactics and launch increasingly sophisticated attacks. As defenders, we must be equally agile, continuously learning and evolving our strategies to stay one step ahead.
Integration and Collaboration: Breaking Down Silos
Another key theme at Black Hat 2024 was the importance of breaking down silos within organizations. In an increasingly interconnected world, isolated security measures are no longer sufficient. The traditional boundaries between different teams—whether they be development, operations, or security—are blurring. To effectively combat modern threats, there needs to be seamless integration and collaboration across all departments.
This holistic approach to cybersecurity is not just about technology; it’s about fostering a culture of communication and cooperation. By aligning the goals and efforts of various teams, organizations can create a unified front against cyber threats. This not only enhances security but also improves efficiency and resilience, allowing for quicker responses to incidents and a more robust defense posture.
The Dual Role of AI in Cybersecurity
Artificial Intelligence (AI) was a major focus at this year’s event, and for good reason. AI has the potential to revolutionize cybersecurity, offering new tools and capabilities for threat detection, response, and prevention. However, it also introduces new challenges and risks. As AI systems become more prevalent, they themselves become targets for exploitation. This dual role of AI—both as a tool and a target—was a hot topic of discussion.
The consensus at Black Hat was clear: while AI can significantly enhance our ability to protect against threats, we must a...
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/redefining-society-and-technology-podcast-213653/reconstructing-the-organizational-and-social-structure-of-a-ransomware-65748294"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to reconstructing the organizational and social structure of a ransomware gang | a black hat usa 2024 conversation with l jean camp and dalya manatova | on location coverage with sean martin and marco ciappelli on goodpods" style="width: 225px" /> </a>
Copy