Upgrade your tier

Ransomware

Longform
Intermediate
Featuring:Max Smeets, Virtual Routes
Join now Go to topic

Description

Total length of the course: 2-4 hours

Ransomware has evolved from a crude experiment on floppy disks to one of the most sophisticated and lucrative criminal industries in the world. In this course, trace that evolution from the AIDS Trojan through the rise of encryption, botnets, and Bitcoin, to the professionalised RaaS model and double extortion tactics that define the threat today. Explore how groups like Conti and REvil actually operate, examine how states including Russia, North Korea, China, and Iran have woven ransomware into their strategic arsenals, and ask a deceptively simple question: is ransomware really just another form of organized crime, or something more complex and harder to fight?

Content details

History of ransomware
Introduction
How it started: the AIDS Trojan
Towards stronger encryption
Botnet and Bitcoin
Ransomware-as-a-Service (RaaS)
Advertisement and double extortion
Professionalisation of ransomware
The MOB framework
Introduction
Modus operandi, organizational structure, and branding
MOB elements
The ransomware playbook
Introduction
11 stages of the playbook
Case study: Conti’s playbook
How states deploy ransomware
Introduction
Russia
North Korea
China
Iran
Ransomware and organized crime
Introduction
Internal structure – organized operations
Monopolising illicit behavior
Global targeting without territory
Competition
Wrap up

Similar content

Ransomware responses and policy

Featuring:Michael Sulmeyer, Georgetown UniversityCiaran Martin, University of OxfordWilliam Lyne, Metropolitan Police Service

Ransomware and cybercrime

Featuring:Selena Larson, ProofpointMax Smeets, Virtual RoutesWilliam Lyne, Metropolitan Police Service

Military cyber operations

Featuring:Max Smeets, Virtual Routes

Internet governance and digital platforms

Featuring:Roxana Radu, University of Oxford