Feb 26 2025 32 mins
In episode 124 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they explore the many layers of a malware takedown operation.
Here are some highlights from our episode:
- 01:58. A high-level overview of what a malware takedown might involve
- 04:11. Some of the key players who help to disrupt known malware infrastructure
- 07:35. Which operational functionalities make malware infrastructure and tactics difficult to dismantle
- 10:56. Jurisdictional and legal challenges of a takedown operation
- 14:53. What goes into identifying malware networks and infected end-user devices
- 20:47. The technical strategies used for disrupting malware
- 24:13. How cyber threat actors respond differently to a takedown effort
Resources
- Phobos Ransomware Affiliates Arrested in Coordinated International Disruption
- Qakbot Malware Disrupted in International Cyber Takedown
- Episode 89: How Threat Actors Are Using GenAI as an Enabler
- Renew Your Ransomware Defense with CISA's Updated Guidance
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].