Unraveling The Ransomware Supply Chain

Unraveling The Ransomware Supply Chain

Whether it be zero day exploits, compromised and sold credentials and malware delivered via suspicious office documents or links, this episode covers the nuances of ransomware and the organizational structure, supply chain and recovery options of some of the biggest exploits in the news. 

In this episode of Public Key, our host, Ian Andrews (CMO at Chainalysis) along with his colleague, Brian Carter (Senior Cybercrimes Specialist) describe the ransomware ecosystem, vulnerabilities that are exploited and some of the biggest illicit threat actors driving these underworld enterprises. Brian gives us an inside look at organizational structure and financial instability in the ransomware market, while giving practical advice for those that may fall victim to these ransomware attacks. 

Minute-by-minute episode breakdown

• (2:19) – What is ransomware and who are the targets for these illicit actors 
• (4:45)  – Why banning cryptocurrency isn’t an easy way to mitigate ransomware attacks
• (6:20) – Are zero day exploits still the most popular vulnerability or are there other trending exploits
• (8:45) – What part does compromised credentials play in mounting targeted ransomware attacks
• (12:15) – Why ransomware is like a MLM Scheme, where only a few are walking away with alot of money 
• (19:30) – What is a ransomware supply chain and what is a ransomware kill chain
• (22:40) – How does the impact of the shutdown of Hydra market impact the ransomware ecosystem

Related resources

Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key.

• Blog: As Ransomware Payments Continue to Grow, So Too Does Ransomware’s Role in Geopolitical Conflict
• Article: Cryptojacking: How the crypto boom is driving malware infections
• Blog: Russian Cybercriminals Drive Significant Ransomware and Cryptocurrency-based Money Laundering Activity
• Blog: Chainalysis In Action: How FBI Investigators Traced DarkSide’s Funds Following the Colonial Pipeline Ransomware Attack
• Report: The Chainalysis 2022 Crypto Crime Report

Speakers on today’s episode

• Ian Andrews * Host * (Chief Marketing Officer, Chainalysis) https://www.linkedin.com/in/ianhandrews
• Brian Carter (Senior Cybercrimes Specialist, Chainalysis) https://www.linkedin.com/in/brianccarter/

This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.

Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. 

Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company.