Episode 124: The Many Layers of a Malware Takedown Operation

 

 

In episode 124 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security^® (CIS^®). Together, they explore the many layers of a malware takedown operation.

Here are some highlights from our episode:

• 01:58. A high-level overview of what a malware takedown might involve
• 04:11. Some of the key players who help to disrupt known malware infrastructure
• 07:35. Which operational functionalities make malware infrastructure and tactics difficult to dismantle
• 10:56. Jurisdictional and legal challenges of a takedown operation
• 14:53. What goes into identifying malware networks and infected end-user devices
• 20:47. The technical strategies used for disrupting malware
• 24:13. How cyber threat actors respond differently to a takedown effort

Resources

• Phobos Ransomware Affiliates Arrested in Coordinated International Disruption
• Qakbot Malware Disrupted in International Cyber Takedown
• Episode 89: How Threat Actors Are Using GenAI as an Enabler
• Renew Your Ransomware Defense with CISA's Updated Guidance

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].