Ukraine Cyber Chief Illia Vitiuk on Hacktivism and Ransomware
I recently had the opportunity to speak with Illia Vitiuk, Chief of Cyber and Information Security at the Security Service of Ukraine (SBU), at the Billington Cyber Summit 2023. In our interview, we discussed cybercriminals turned Ukrainian patriots, the pro-Kremlin hacktivism phenomenon, recent attempts by Russian military intelligence Unit 74455 (aka Sandworm) to attack Ukrainian military situational awareness systems, and the Clop ransomware group.
8BASE Ransomware Group Interview: “We Are Honest and Simple Pentesters”
In the early months of summer 2023, the 8BASE ransomware group gained notoriety due to a surge in their cyberattacks. I recently conducted an interview with a representative from 8BASE, Devald, who provided insights into the group’s background and activities. Devald also seemed to corroborate the findings of VMware’s Threat Analysis Unit, suggesting that 8BASE is a seasoned team of ransomware actors rather than a new group. When asked about 8BASE’s cryptocurrency transfers, Devald made the preposterous claim that “many cybersecurity and law enforcement agencies receive some compensation so that the traces do not lead anywhere.” He ended the interview with a general recommendation for organizations to protect against ransomware attacks.
Anonymous Sudan, Cyber Warriors or Russian Puppets?
Working with cybersecurity reporter Joe Tidy of the BBC, I conducted an interview with Russia-linked hacktivist group Anonymous Sudan. Could Anonymous Sudan indeed be skilled Sudanese cyber warriors amid internal strife in Sudan, or is this an ongoing clever Russian operation designed to maintain plausible deniability as defenders of Islam while striking at the West? The evidence seems to point towards the latter, while the real identity and details of this elusive group remain shrouded in darkness.
UPDATE: After weeks of continued conversations, evidence gained by Joe Tidy and me suggests that Anonymous Sudan might actually be just a small group of Sudanese criminal hackers, rather than a Kremlin-run cyber campaign. Check out the BBC article below by Joe Tidy.
SoundCloud’s Islamic State Problem and How to Fix It
In my guest post for Jihadology, I delve into how SoundCloud hosts and perpetuates jihadi anashid (chants). With millions of streams and thousands of comments, the platform is currently a sanctuary for terrorist content. I demonstrate the easy accessibility of IS material, critique SoundCloud’s reactive content removal policy, and propose a solution using hashing and audio fingerprinting technology for automated content identification and removal.
World Leaders in Jihadi Magazines
The “World Leaders in Jihadi Magazines” archive is a compilation of references to world leaders and politicians found in magazines published by various jihadi groups, including al-Qaeda, the Taliban, ISIS, and al-Shabaab. Original terrorist text is preserved, including frequent typos and grammatical errors, with infrequent formatting edits made. Magazines currently included in the archive: Inspire (al-Qaeda), Rumiyah (ISIS), Dabiq (ISIS), Voice of Khorasan (ISKP), Voice of Hind (ISHP), Gaidi Mtaani (al-Shabaab). Magazines to be included in the archive: al-Naba (ISIS), al-Sumud (Taliban), Ummah Wahidah (al-Qaeda), Sawt Khorasan (ISKP), and more. The archive is still in its early stages and will continue to unfold over time.