The Ransomware Files

The Ransomware Files

The Ransomware Files podcast tells the harrowing stories of technology experts who have fought back against ransomware, which is one of the greatest crime waves the internet has ever seen. It features in-the-trenches stories about how organisations recovered and frank human reflections from those who have faced file-encrypting malware, a potent weapon used by high-tech criminals.


November 8, 2022 1 min

After 13 episodes and one guest episode, The Ransomware Files project has come to a close.  I want to thank everyone who participated and supported it. I wish this project had come to an end because ransomware was no longer a problem. Unfortunately, that's not the case. It remains one of the internet's greatest crime waves. I hope some of the main motivations I had for this project live on. There should be no shame heaped o...

Mark as Played

What if you were hired for an office job but ended up negotiating with cybercriminals? There aren’t many rules around the cybercrime known as ransomware, but this is a story about one rule that was definitely broken. By the end it, the path to the truth lead to a place on the other side of the world. It was a place that no one expected and disturbingly, no one wanted to be.

Speakers: Renee Dudley, Technology Reporter, ProPublica, a...

Mark as Played
September 15, 2022 24 min

Dain Drake was CEO of United Structures of America, a steel fabrication facility outside of Houston. In June 2019, Dain found himself standing outside an adult boutique in Houston at 10 AM on a Sunday morning. It was closed. He called the owner and pleaded for him to come and open the shop. He needed something inside, which might just save his business – from ransomware.

Speakers: Dain Drake, former CEO, United Structures of Americ...

Mark as Played
August 26, 2022 36 min

The Ransomware Files is pleased to host a special guest episode from our friends at Hacked. In mid-April, there was a ransomware attack. It wasn’t against a small business. It wasn’t directed at a large company or even a large city. It was against a country: Costa Rica. The Conti ransomware gang struck more than two dozen government bodies in Costa Rica in a wave of attacks. It was a demonstration of power and bravado with a motiva...

Mark as Played
August 5, 2022 44 min

Is a practicing cardiologist living in Venezuela also a ransomware mastermind? If U.S. prosecutors are to be believed, Moises Luis Zagala Gonzalez is a cybercriminal polymath. He’s on the FBI’s Most Wanted list for cybercrime, but people who know him say the accusations cannot be true. Zagala is charged in federal court in New York with developing ransomware applications called Jigsaw and Thanos that infected organizations and comp...

Mark as Played
July 13, 2022 28 min

The FBI’s Most Wanted list for cybercrime has a recent entry: Moises Luis Zagala Gonzalez. He is a 55-year-old cardiologist living in Ciudad Bolivar, Venezuela. He has a bald head and an earnest smile. In one photo, he wears a doctor’s white overcoat with a stethoscope around his neck. What is this man doing on that list? U.S. prosecutors allege Zagala lead a double life. They allege he’s also a cybercriminal. Zagala is charged in ...

Mark as Played
June 20, 2022 26 min

Ransomware struck global currency exchange and remittance company Travelex on New Year's Eve 2019. Security Architect Don Gibson was DJing at a friend’s place when the first alerts came in. That night kicked off turbulent period for Don that lasted throughout the rest of the year. His name became publicly linked with the Travelex incident, and the attention was completely undesired. His story is one of how social media, a frant...

Mark as Played
May 30, 2022 15 min

If software has a dangerous and easy-to-exploit security vulnerability, should its maker tell customers to shut it down until it’s fixed? It’s a tough call, but one that Dutch company Hoppenbrouwers says the software vendor Kaseya should have undertaken last year to prevent a massive supply-chain attack executed by the REvil ransomware gang. The gang had uncovered flaws in Kaseya's Virtual Systems Administrator product that Kas...

Mark as Played
May 6, 2022 40 min

Rockford Public Schools in Illinois was infected with the Ryuk ransomware just days after the school year started in September 2019. They had one thought for the suspected Russia-based cybercriminal group at the root of the attack: "Screw them." The attack encrypted upwards of six million files, wrecked applications and locked up servers. But the district refused to pay the ransom and kept classes running while mounting a m...

Mark as Played
April 4, 2022 46 min

The REvil ransomware gang's attack against the US software company Kaseya in 2021 is not only amongst the largest ransomware attacks of all time, but it's also one of the most intriguing. It involves the use of zero-day software vulnerabilities known only to a handful of people, a race between attackers trying to snare ransom payments and defenders developing a patch, and a secret operation that hacked back against the REvi...

Mark as Played
February 22, 2022 39 min

In 2019, 23 cities across Texas were infected with the REvil/Sodinokibi ransomware in one of the largest ransomware attacks that has ever occurred in the US. The cities recovered with remarkable speed due to the state's diligent preparation. But a small managed service provider called TSM Consulting, which the ransomware actors exploited in a supply-chain style attack, sustained irreparable damage. It's a heartbreaking stor...

Mark as Played
January 25, 2022 38 min

What if destructive malware disguised as ransomware nearly sank not just one company but many? Shipping giant Maersk was one of dozens of organisations crippled by the NotPetya malware in June 2017. Gavin Ashton and Bharat Halai worked in identity and access management at Maersk. They share how the company's technology team tirelessly brought the company back from an IT systems meltdown and rescued the company's sole surviv...

Mark as Played
December 9, 2021 49 min

Cybersecurity experts are increasingly worried about attacks and ransomware directed at the 70,000 water and wastewater facilities in the United States. In November 2020, the Hampton Roads Sanitation District, which serves 1.7 million people in eastern Virginia, was infected with the Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered. Here's how HRSD fought back, and how think tan...

Mark as Played
November 18, 2021 45 min

Matthews is an Australian company that specializes in intelligent identification, labelling and inspection systems used by the food and beverage industry. In early 2020, it faced a "double extortion" attempt from ransomware actors. But Matthews fought back, recovered its data and saved its business. Matthews is one of hundreds of organizations in Australia that have been hit by ransomware, and the government is now taking a...

Mark as Played
November 2, 2021 30 min

Ski Kacoroski is a systems administrator with the Northshore School District in Bothell, Washington, which has 23,000 students. In 2019, the district was infected by Emotet and Trickbot, two notorious types of malware. Access to the district's systems was auctioned off twice by cybercriminals, and the district's system were eventually infected in September 2019 with the Ryuk ransomware. But the district recovered through te...

Mark as Played
November 2, 2021 50 sec

The Ransomware Files podcast tells the harrowing stories of IT pros who have fought back against ransomware, the greatest crime wave the Internet has ever seen.

Mark as Played

Popular Podcasts

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.

    Stuff You Should Know

    If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks then look no further. Josh and Chuck have you covered.

    The Piketon Massacre

    The most notorious mass murder in Ohio’s history happened on the night of April 21, 2016 in rural Pike County. Four crime scenes, thirty-two gunshot wounds, eight members of the Rhoden family left dead in their homes. Two years later a local family of four, the Wagners, are arrested and charged with the crimes. As the Wagners await four back-to-back capital murder trials, the KT Studios team revisits Pike County to examine: crime-scene forensics, upcoming legal proceedings, and the ties that bind the victims and the accused. As events unfold and new crimes are uncovered, what will it mean for all involved? What will it mean for Pike County?

    Crime Junkie

    If you can never get enough true crime... Congratulations, you’ve found your people.


    It’s a lighthearted nightmare in here, weirdos! Morbid is a true crime, creepy history and all things spooky podcast hosted by an autopsy technician and a hairstylist. Join us for a heavy dose of research with a dash of comedy thrown in for flavor.

Advertise With Us

For You

    Music, radio and podcasts, all free. Listen online or download the iHeart App.


    © 2023 iHeartMedia, Inc.