Fraud Management & Cybercrime , Ransomware , Video

How Ransomware Groups Respond to External Pressure

Yelisey Bohuslavskiy of Red Sense on Why Large Ransomware Groups Have Decentralized
Yelisey Bohuslavskiy, chief research officer and partner, Red Sense

Ransomware groups, like legitimate businesses, must adapt and change as they grow, in response to trends and external pressures - such as law enforcement actions. To survive, many large ransomware groups have adopted decentralized structures, said Yelisey Bohuslavskiy, chief research officer and partner with Red Sense.

See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware

The now-defunct Conti group's downfall was triggered by a single leader's controversial statement about supporting Russia's invasion of Ukraine. This caused other leaders within the group to recognize the vulnerability of being dependent on centralized leadership and resources. As a result of "lessons learned," Bohuslavskiy said, the operation restructured as independent, decentralized units "to prevent having one person take down the whole operation."

In this video interview with Information Security Media Group at Black Hat USA 2023, Bohuslavskiy also discussed:

  • Why adversaries are relying on customized malware;
  • How compliance audits and cyber insurance requirements have shaped the ransomware landscape;
  • How ransomware actors refine their targets by avoiding sectors unlikely to yield ransom payments.

Bohuslavskiy previously served as co-founder and head of research and development at threat intelligence firm Advanced Intelligence. He previously worked as a cyberthreat intelligence analyst at Flashpoint and due diligence researcher at Kroll.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.