The world’s top ransomware gangs created a “cartel” to pool their resources


[Music]

In Tech Watch, the world's top ransomware gangs have joined together to create a hacking cartel of sorts. Russian groups like LockBit, Wizard Spider, Twisted Spider and Viking Spider are sharing hacking techniques, stolen information, malware code and technology infrastructure. Analysts fear that hackers pooling resources like this will result in even more dangerous cyber attacks. So for more on this, let us bring in CBSN tech reporter Dan Patterson. Dan, what is going on? Why are these ransomware gangs banding together?

Hi, Anne-Marie. So, in a word: money. Look, individual groups, individual threat actors, have individual needs. Sometimes they want to sow chaos. Sometimes they are vying for influence, whether that's political, social or even technological. And some even, according to the research we found, have links to Russian SVR and GRU; that's intelligence services. But at the end of the day, the name of the game when it comes to ransomware and ransomware gangs is money.

So hacking groups, you know, do, uh, collaborate, I suppose. I think, correct me if I'm wrong with the group, but I think was, you know, REvil, basically sort of had hacking malware available, almost sort of franchising it out or renting it out or whatever, and then would offer assistance if anyone needed, like, tech help. Um, so what's different about, what's different about what's happening now in this particular alliance?

Look, REvil and DarkSide, two of the most nefarious hacking groups, are a part of this larger trend called ransomware as a service, and you can read about that on the story connected, uh, to our segment here, and you can see some of those connections that these groups have to each other and larger, uh, the larger ransomware ecosystem. But Anne-Marie, look, at the heart of all of these kind of nefarious hacking groups is a teen drama. They make up and break up all the time. Some of these groups announced a partnership, uh, in the summer of 2020. They broke up again in November. Uh, they kept working together and collaborating. A lot of these groups rebrand. Uh, they kind of step back into the shadows and then they come back again with a different name, a different brand, maybe a modification of their ransomware. Look, they can try to present themselves as these really scary groups, and they certainly have some scary actors within them, uh, but they're also pretty dramatic. They fight, they bicker, they break up, they make up, they reform, they regroup, they attack again, and the cycle repeats itself.

My goodness. Um, I presume that, you know, part of the reason they sort of hook up is because there are strengths and weaknesses in the different groups, and you hook up with another group that has a strength where you are weak. What are the areas of expertise, and, you know, what kind of attacks should we be bracing for here?

Yeah, so a lot of these groups use attacks that we've talked about in the past. They innovate on their code and they innovate, um, on the kind of particulars of the way they attack systems, but really they rely on a few things, which is, uh, phishing. They name and shame their victims, so they publish sites that have their victims, uh, not just their names but their personal data. They threaten to publish data that they hack from companies and from governments. And they certainly use what's called zero-day exploits. These are flaws or loopholes in code that are not known to the code vendor, to the software creator, but are, are known, uh, to hackers. So these sound like pretty nefarious hacking techniques. They are, but they're also really common hacking techniques. These groups don't really innovate on the technique. Where they do innovate is on the collaboration: their use of cloud servers, uh, or at least shared servers, often they use or they share or they control access to, which is one reason researchers refer to them colloquially as a cartel, because they share a server or a command and control server that hosts malware or ransomware, and they only allow their affiliates, their associates or their friends to access that server. So the innovation certainly can happen, but what we are really seeing is an innovation more in terms of their, their grouping and the way they collaborate.

You know, a lot of these hacks we don't even hear about in the public. We only sort of feel it every once in a while if maybe there's a hack of our personal information, but often ransom is paid and we didn't even know about it. When it came to the Colonial Pipeline, they shut down the pipeline, portions of it, preemptively, out of concern that maybe their systems could be hacked, but actually their system wasn't hacked. It was sort of like the threat of it. So can you just talk a little bit more about the real-life consequences of rans-, of these ransomware attacks, how they could affect us, and whether we should actually start also thinking about whether or not there could be actual attacks on infrastructure, not just the threat, but sort of breaking into, you know, some key infrastructure that we depend on that could have a real-life consequence?

There are attacks on critical infrastructure, Anne-Marie, and this is the largest vulnerability that we really need to be concerned about now. Look, ransomware is kind of the definition of cyber attacks in the real world, and there are real threats every single day if you're an individual or you run a business, especially a small or medium-sized business, because this is very costly. Often enterprise companies have the cash to pay a ransom. Not so for smaller, medium-sized businesses. But look, what you mentioned is the most important thing here, which is critical infrastructure. There were 16 departments, or 16 sectors, that the United States government considers so critical that debilitating one of them would have a huge effect on the United States economy and our way of life, at least according to CISA. That's the United States cyber security agency. Now, we have seen cyber attacks targeting critical infrastructure not just here in the United States but around the world, and Russia pioneered many of these attacks. They used Ukraine as a test bed for cyber attacks that now target the rest of the world. In 2016 and 2017, I was there, they turned off the power in Kyiv, the capital. Now, they're certainly capable of doing that and far worse here in the United States. Of course, the Colonial Pipeline attack was huge. Uh, we saw REvil target JBS, a meat processing facility, last year. We also saw ransomware hit, or a cyber attack hit, a water processing facility. So once again, cyber attacks targeting critical infrastructure are a particular threat and a real-world threat that we are seeing now.

Wow. Dan, thank you so much. Great to see you.