In this episode of Exploring Information Security, we dive deep into the dark, complex world of ransomware gangs with returning guest Kyle Andrus. Drawing on leaked chat logs, real-world cases, and extensive incident response experience, Kyle helps us understand the internal operations, motivations, and evolution of these cybercriminal organizations.

We explore how ransomware gangs are structured like modern corporations—with developers, access brokers, negotiators, HR, and even customer support. Kyle also shares insights into how these gangs are adapting to legal pressure, sanctions, and the cybersecurity community’s defensive advancements.

• The organizational structure of ransomware gangs

• Ransomware-as-a-Service (RaaS) models and profit sharing

• Affiliate programs, access brokers, and laundering tactics

• The impact of geopolitics on ransomware operations

• Creative pressure tactics, including triple extortion and SEC complaints

• The role of insider threats and chat log leaks (e.g., Conti)

• Use of AI by defenders and attackers

• The evolving response of law enforcement and regulation

Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

[RSS Feed] [iTunes] [LinkedIn][YouTube]

Sign up with your email address to receive news and updates.

We respect your privacy.