The Professionalization of the Ransomware Criminal Ecosystem
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by ransomware experts Allan Liska from Recorded Future and Jonathan Braley, Director of Threat Intelligence for IT-ISAC, to get a pulse check on the current state of ransomware. They discuss how ransomware has shifted from simple attacks, like Locky, to more sophisticated, high-stakes campaigns targeting entire networks and demanding millions of dollars. Allan and Jonathan also highlight the rise of ransomware-as-a-service, the emergence of big game hunting attacks, and the increasingly professionalized criminal ecosystem surrounding ransomware. The conversation further explores the psychological aspects of cybercrime, focusing on the mindset of ransomware operators—particularly in Eastern Europe and Russia—where the line between crime and business can often be blurred. In this episode you’ll learn: Why attackers now target entire networks instead of just single machines How cybercriminal groups turned ransomware into a profitable business model The unique challenges healthcare employees face during ransomware attacks Findings from IT-ISAC's recent ransomware reports Some questions we ask: How did the Colonial Pipeline attack lead to real-world actions? Will paying the ransom restore the organization's data and operations? What are the differences between ransomware from 10-12 years ago and ransomware today? Resources: View Allan Liska on LinkedIn View Jonathan Braley on LinkedIn View Sherrod DeGrippo on LinkedIn IT-ISAC Ransomware report Food and AG-ISAC Ransomware report Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.