What's Your Problem? Infiltrating an International Ransomware Gang
Apr 8, 2025
Jon DiMaggio, Chief Security Strategist at Analyst One, dives into the dark underbelly of the LockBit ransomware gang he infiltrated using wartime spy tactics. He shares gripping insights on their recruitment strategies and motivations, including shocking attacks like the one on Sick Kids hospital. DiMaggio discusses how international governments countered this menace, using innovative methods to take down their operations. His tale challenges perceptions of cybercriminals, highlighting an unexpected friendship with one, offering a complex view of human connection amidst chaos.
AI Snips
Chapters
Transcript
Episode notes
Spycraft Studies
- John DiMaggio studied World War II spycraft to understand how to infiltrate LockBit.
- He learned to exploit egos, understand adversaries, and use psychological tactics.
Profiling Targets
- Establish a digital fingerprint of your target by profiling them across the dark web and forums.
- Map out their contacts, friends, and enemies to identify potential infiltration points.
RaaS Model
- LockBit operates as a Ransomware-as-a-Service (RaaS) provider, offering ransomware code and infrastructure.
- Affiliated hackers conduct attacks, sharing profits with LockBit, enabling higher attack volumes.