Inside Conti's Leaked Chats: 300,000 Messages, a Criminal Empire, and the Ransomware Playbook Still Running Today
Show notes
When 300,000 internal messages from the world's most prolific ransomware gang were leaked, they exposed more then a shadowy underground network, a full company. HR departments. Conti operated with the structure of a mid-sized software firm, and that changes how defenders need to think about the ransomware landscape today.
Join host John and special guest Geoff White, journalist and author of Rinsed, as they discuss:
- How Conti's internal org chart compares to a legitimate software company
- The human cost of ransomware targeting critical infrastructure
- Why ransomware groups keep splintering and rebuilding
Two questions your organization should be asking right now:
- When your team thinks about ransomware, are they thinking about a criminal enterprise with structure, funding, and KPIs — or just a hacker in a hoodie?
- Does your incident response plan account for a negotiation with operators who already know your financials?
Resources: https://linktr.ee/ReliaQuestShadowTalk
Geoff White: One of the world's leading journalists covering organized crime and technology, with decades of experience investigating fraudsters, hackers, and money launderers. His work has been featured by BBC News, Sky News, Audible, and The Sunday Times, and he has delivered over 300 keynote talks across more than a dozen countries for global brands including Microsoft, HSBC, and Mastercard. He is the author of three books, including The Lazarus Heist — which spawned a hit BBC podcast that ranked number one in the UK Apple charts — and his latest, Rinsed (2024), which The Financial Times called "Riveting." Geoff brings a rare investigative lens to cybercrime, giving ShadowTalk listeners an inside look at the criminal enterprises shaping today's threat landscape.
John Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.