DEF CON , Events , Fraud Management & Cybercrime

Ransomware Group Defenses Are Better Than Fortune 100 Firms

Atropos' Vangelis Stykas on How Ransomware Groups Use Custom Codes and Tor Networks
Vangelis Stykas, CTO, Atropos

Ransomware groups maintain more secure infrastructures than some of Fortune 100 companies, according to Vangelis Stykas, chief technology officer at Atropos. He said the web applications of 15% to 20% of Fortune 100 companies show vulnerabilities, but only 3.5% of the 140 ransomware web apps analyzed exhibit similar issues. Although some ransomware gangs use outdated platforms, such as WordPress, their overall vulnerability rate is far lower than expected.

See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware

"Ransomware gangs have a lot of money due to their operations," and they "keep their system up to date" and invest in custom code and sophisticated infrastructures, such as Tor networks and custom firewalls, Stykas said. "To exploit them, you either have to find something which is a low-hanging fruit or use some kind of zero-day that is not currently known," he said.

Stykas also spoke about the ethical complexities of his work, which involves targeting these criminal entities. He said he views his efforts as a moral imperative to disrupt the status quo that ransomware groups seek to establish.

In this video interview with Information Security Media Group at DEF CON 2024, Stykas also discussed:

  • The role of ransomware as a service in cybercrime expansion;
  • The effects of panel disruption on multiple ransomware groups;
  • Predictions about how ransomware extortion schemes will evolve in 2024.

Stykas leads security initiatives, focusing on API and web application security. He specializes in identifying and mitigating vulnerabilities, especially in IoT devices. Stykas has more than 20 years of leadership experience and has worked in several companies, including Tremau and Pen Test Partners.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.