What We Do
How We Do
Get Started

Dissecting the Ransomware Ecosystem

About the Episode

When it comes to choosing which type of organization to target, how do ransomware groups strategize their approach?

It turns out that the size of the organization may play a significant role in the decision-making process. While the financial payoff for large organizations is immense, the security safeguards that threat actors will face are much more challenging. However, with small-to-medium organizations, even though the financial reward is smaller, the chances of launching a successful cyber attack are higher. 

As a result, we have seen a significant rise in the use of Ransomware-as-a-Service (RaaS), which has served to be a more efficient tactic for ransomware groups to monetize their intrusion efforts into their targets’ environments.  

In the latest Cybercrime Magazine podcast episode with host Hillarie McClure, eSentire’s Threat Response Unit (TRU) team members, Spence Hutchinson and Keegan Keplinger, take a deep dive into the emergence of Ransomware-as-a-Service and discuss how ransomware groups are shifting their approach to target organizations. 

Listen to the full podcast to learn more about:

  • How organizations can leverage the ‘known laneways’ as part of the ransomware intrusion model to detect the presence of RaaS

  • How adopting multi-factor authentication (MFA) could have stopped the SunWalker incident from occurring

  • How the shift towards a hybrid or remote workforce has impacted organizations and their overall cybersecurity posture


Spence Hutchinson, Staff Threat Intelligence Researcher,


Keegan Keplinger, Research and Reporting Lead,



Hillarie McClure, VP of Multimedia Productions,

Cybersecurity Ventures

Want to listen to more podcasts from eSentire?

Get The Podcast