At the RSA Conference 2025, John Fokker emphasized the importance of recognizing cybercriminals as real people, highlighting the convergence of crime and state-sponsored actions. Drawing from his experience, he cautioned against fixating on advanced technology, advising that criminals prefer exploiting vulnerabilities in security measures. Fokker's insights were illustrated through the investigation of the Black Basta ransomware group, revealing the blurred lines between criminal gangs and nation-states, with criminals like Oleg receiving potential support from officials. This evolving landscape demands an understanding of the human motives driving cybercrime.
Fokker stressed the human element, stating, "So often we forget that these cyber criminals are real people. It's tempting to anonymize threats, but really they're just bad people."
He warned against over-focusing on advanced tech, noting, "A cybercriminal will always prefer a victim with weak passwords, bad patching and no MFA."
Fokker illustrated the convergence of crime and state agendas, saying, "Now those lines have blurred. Nation states are using proxies... causing disruption and stealing data."
He recounted the story of Oleg, stating, "Oleg claimed government officials flew to Armenia to ensure he was escorted back safely, referencing a 'green corridor' escape route."
Collection
[
|
...
]