Great deep dive! One thing I'd like to add under closing thoughts: there are MANY threat intel sharing groups that do an unheralded amount of work to inflict pain and cost on these groups. We should try to tear down as much red tape as possible to not only make sharing intel between companies on these groups easier, but also tear down redtape so the government (read: law enforcement) can work in symbiosis with private industry
Great post Ross -- I think it's really important to educate people about the business side of cybercrime. One of the great sources on this (I would argue definitive) is Jonathan Lusthaus and https://industryofanonymity.substack.com/. Definitely recommend to anyone interested in this space.
Great deep dive! One thing I'd like to add under closing thoughts: there are MANY threat intel sharing groups that do an unheralded amount of work to inflict pain and cost on these groups. We should try to tear down as much red tape as possible to not only make sharing intel between companies on these groups easier, but also tear down redtape so the government (read: law enforcement) can work in symbiosis with private industry
Great post Ross -- I think it's really important to educate people about the business side of cybercrime. One of the great sources on this (I would argue definitive) is Jonathan Lusthaus and https://industryofanonymity.substack.com/. Definitely recommend to anyone interested in this space.