Ransomware Group Defenses Are Better Than Fortune 100 Firms
Atropos' Vangelis Stykas on How Ransomware Groups Use Custom Codes and Tor Networks
Ransomware groups maintain more secure infrastructures than some Fortune 100 companies, according to Vangelis Stykas, chief technology officer at Atropos. He said the web applications of 15% to 20% of Fortune 100 companies show vulnerabilities, but only 3.5% of the 140 ransomware web apps analyzed exhibit similar issues. Although some ransomware gangs use outdated platforms, such as WordPress, their overall vulnerability rate is far lower than expected.
"Ransomware gangs have a lot of money due to their operations," and they "keep their system up to date" and invest in custom code and sophisticated infrastructures, such as Tor networks and custom firewalls, Stykas said. "To exploit them, you either have to find something which is a low-hanging fruit or use some kind of zero-day that is not currently known," he said.
Stykas also spoke about the ethical complexities of his work, which involves targeting these criminal entities. He said he views his efforts as a moral imperative to disrupt the status quo that ransomware groups seek to establish.
In this video interview with Information Security Media Group at DEF CON 2024, Stykas also discussed:
- The role of ransomware as a service in cybercrime expansion;
- The effects of panel disruption on multiple ransomware groups;
- Predictions about how ransomware extortion schemes will evolve in 2024.
Stykas leads security initiatives, focusing on API and web application security. He specializes in identifying and mitigating vulnerabilities, especially in IoT devices. Stykas has more than 20 years of leadership experience and has worked at several companies, including Tremau and Pen Test Partners.