After the Webinar: Ransomware – Ecosystems and Trends. Q&A with Daniel Donahue

Webinar presenter Daniel Donahue answered a number of your questions after his presentation, Ransomware Ecosystems and Trends. Here are just a few of his responses.


Audience Question: Is cybercrime only committed on the dark web?

Daniel Donahue: No, the dark web is just a tool that they use because it provides anonymity. Again, Tor is just a kind of described proxy on steroids. All it’s doing is hiding your location. And again, it doesn’t even do that reliably. There are ways to kind of get around that. Cybercrime, you can have traditional fraud schemes where somebody also has a website and we see this a lot with cryptocurrency where I’ll get on social media and I’ll advertise that I have a cryptocurrency exchange and that if you invest, it’s always too good to be true. Your money in my particular exchange, you’re guaranteed a 15% rate of return, which is not how cryptocurrency works. But people do it. And I was discussing this with actually the Justice Clearinghouse crew beforehand and they might let you transact on that exchange for a couple of days to build some trust that you deposit more money, but eventually, it’s what they call —–pools. That they’ll just shut down the exchange, they will transfer whatever cryptocurrency remaining balance into a wallet they control. I know this isn’t a cryptocurrency class but it works off of public and private keys and whoever controls the public or private keys controls the cryptocurrency. That’s just one scheme. We also see COVID fraud, people with a separate website that’s asking for personally identifiable information, getting your credit card number, getting your name, social, all this stuff. Things that people would traditionally try to steal through like credential dumps. That way, they can actually set bank accounts in your name, credit cards, that type of thing. So, it doesn’t have to be the dark web, that just tends to be something more sophisticated, or there’s a concentration of it there. But just like the regular Internet, you can use all types of fraud schemes, and the limit is your imagination as far as it goes.


Audience Question: Are organizations more secure if they’re using cloud-based systems like Microsoft 365, Amazon Web Services, Google Suite, etc.? 

Daniel Donahue: It’s a good question. You would think, yes, right? But, you still have to configure your systems properly, and there are a lot of people that do not do that. Every cloud provider has different terms, but, if you’re not properly configuring your security groups, there are all types of things that could potentially go wrong. So, it really depends on the organization. Yeah. I hope that answers the question and so that’s a big maybe.

Host: Got it. Yep. It sounds like administrators still have to do their jobs in terms of securing the system and understanding those settings to make even cloud-based systems secure.

Daniel Donahue: Yeah, yeah. It’s not secure by default.


Audience Question: Are our smartphones as vulnerable as computers? For example, if I open a phishing e-mail on my work cell phone, will it have an effect on my work systems? 

Daniel Donahue: That’s actually an interesting question. So, I have an instinct here, but I don’t want to give you bad information, that might be one if you e-mail me. I’ll have again, I’m a cop on the criminal investigator, but we do have a team of Cyber Security Researchers and IT specialists here at Cybercrime Center, and I don’t want to give you false information. I would suspect that if it’s a work phone or, like, bring your own device type deal and it’s compromised there, they could potentially —- skilled and dedicated hacker could probably put it to some other piece of your network infrastructure. But I can’t think of a specific example, but if you e-mail me, I’ll get you a better answer. I’m sorry.


Audience Question: Do you think VPNs are helpful to have and is there a particular VPN that is better than others? 

Daniel Donahue: So, I’m brand agnostic, I don’t advertise for anybody. But you can go to different consumer websites to know the right VPNs. They’re great, as long as they’re not compromised. I was trying to think about what particular VPN company. I think it was a Pulse Secure VPN that I think about had a pretty egregious ————— in it. So, it’s only as good as that particular product and I actually don’t even know if they patch that. I’d have to do some research to get if you e-mail me, I’ll get you a better answer. But VPNs are good, especially for law enforcement. Whether you’re doing unattributed, kind of open-source intelligence, using a VPN or, whether you’re doing undercover. If you’re on Tor, it’s less important. Just because Tor kind of access proxy. But if you’re doing anything on the internet, VPNs are definitely useful.


Audience Question: How prevalent are Mac systems with ransomware? Do you see Mac-based systems brands are encrypted as well? 

Daniel Donahue: So, they come with a little bit more kind of better security features. Like Windows Defender is decent if it’s properly configured. But it’s just a market share thing as most ransomware attacks Windows machines, there are Mac ransomware variants and there’s ransomware that attacks Linux machines because a lot of servers use Linux. But I’d say, if I had to like handicap and I’d say probably 80% of ransomware that you see is either OS-agnostic, so it encrypts all three, or it’s geared towards Windows.

