Ransomware and Cybercrime

In May 2021, Jim Gosler, known as the Godfather and commander of US agencies' cyber offensive capability, said, ''Either the Intelligence Community (IC) would grow and adapt, or the Internet would eat us alive.'' Mr Gosler was speaking at his retirement only several months before the terrorist attacks of 9/11. He possibly did not realise the catalyst or the tsunami that he and his tens of thousands of US IC offensive website operatives had created and commenced.

Over the last two decades, what Mr Gosler and his army of Internet keyboard warriors created would become the modus operandi for every faceless, nameless, state-sponsored or individual cybercriminal to replicate against an unwary, ill-protected, and ignorant group of executives and security professionals who knew little to nothing about the clandestine methods of infiltration and weaponisation of the Internet that the US and UK agencies led, all in the name of security.

This book covers many cyber and ransomware attacks and events, including how we have gotten to the point of massive digital utilisation, particularly during the global lockdown and COVID-19 pandemic, to online spending that will see twice the monetary amount lost to cybercrime than what is spent online.

There is little to no attribution, and with the IC themselves suffering cyberattacks, they are all blamed on being sophisticated ones, of course. We are witnessing the undermining of our entire way of life, our economies, and even our liberties. The IC has lots to answer for and unequivocally created the disastrous situation we are currently in. They currently have little to no answer. We need--no, we must demand--change. That change must start by ensuring the Internet and all connections to it are secure and no longer allow easy access and exfiltration for both the ICs and cybercriminals.

在2021年5月，被稱為「數位攻擊能力教父」和美國機構的指揮官的吉姆·高斯勒（Jim Gosler）表示：「情報界要不斷成長和適應，否則互聯網將吞噬我們。」高斯勒先生在911恐怖襲擊發生數個月前退休時發表了這番言論。他可能沒有意識到他和他的數以萬計的美國情報界網站操作人員所創造和開始的催化劑或海嘯。

在過去的二十年中，高斯勒先生和他的互聯網鍵盤戰士軍團所創造的東西已成為每個無面無名的國家支持或個人網絡犯罪分子對一群毫無戒心、缺乏保護和無知的高管和安全專業人員進行仿效的作法，這些人對於互聯網的秘密滲透和武器化方法幾乎一無所知，而這些方法正是美國和英國機構所引領的，都以安全為名。

本書涵蓋了許多網絡和勒索軟體攻擊事件，包括我們如何走到了大規模數位利用的這一點，特別是在全球封鎖和COVID-19大流行期間，網上消費將損失的金額是網上消費金額的兩倍。

幾乎沒有歸因，而且情報界本身也遭受了網絡攻擊，當然都被歸咎於高度複雜的攻擊。我們目睹了我們整個生活方式、經濟甚至自由的破壞。情報界有很多問題需要回答，他們目前幾乎沒有答案。我們需要——不，我們必須要求——改變。這種改變必須從確保互聯網及其所有連接的安全開始，不再容許情報界和網絡犯罪分子輕易進入和外洩。

Andy is a senior and seasoned innovative executive with over 30 years' experience as a hands-on lateral thinking CEO, coach, and leader. A 'big deal' business accelerator, and inspirational lateral thinker. Andy has crafted, created and been responsible for delivering over £100M of projects
Information Classification: General
within the Cyber, Technical, Risk and Compliance markets with some of the world's largest leading organisations.
Andy has a demonstrable track record of large-scale technical delivery and management within Professional Services, Managed Services and Financial Services environments. Andy has extensive experience of working at C-Level and is well known around the world for his strong business leadership, integrity, acumen, development, and change management.
Andy's first book, published in the Autumn of 2021 and titled "Stuxnet to Sunburst, 20 years of digital exploitation and cyber warfare" is a candid, practitioners view, in layman's terms, of how digital warfare over the last 20 years has shaped our world. It uncovers many unknown facts, and projects that the public have been totally unaware of, that is until now. Andy was one of the first, and possibly one of very few people to discover the plethora of insecure SolarWinds domains. It has since been proven that Andy's version of the attack of an insecure sub domain being hijacked and a nefarious website being stood up, is now common knowledge as being the initial access and root cause of the initial infiltration (Sunburst). Andy's research and paper was presented to the United States Senate Intelligence Committee overseeing the SolarWinds breach earlier this year.
Andy has just finished writing a second book on his experience and in-depth research of over 1000 companies over the last few years, all of whom have been victims of cyber and ransomware attacks. The book is titled "Ransomware and Cyberwar, the global economic shift".
Andy has an uncanny ability to see things, and tell them in straight forward, no nonsense manner and translate them into easily digestible chunks that can be addressed and remediated. His recall, and real examples of cyber and ransomware attacks, covers why attacks occurred, and more importantly, how to prevent them. His findings have been completely supported by Hacker One confirming 96% of hackers hack websites and Statista who confirm the top three initial access points for cybercrime are servers and websites.
In 2020 Andy was featured in The Catholic News Agency article on The Vatican breach as he unravelled and assisted The Vatican by identifying 82 out of their 85 domains were insecure. Many were capturing PII data and payments. With 1.2 billion followers online, particularly during Covid-19 lockdowns, Andy may have uncovered the root cause for the world's single largest online digital PII data breach to date.

Andy是一位資深且經驗豐富的創新高層主管，擁有超過30年的實踐經驗，曾擔任實際操作的CEO、教練和領導者。他是一位重要的商業加速器和具啟發性的橫向思考者。Andy在全球領先組織的網絡、技術、風險和合規市場上，創造、開發並負責交付了超過1億英鎊的項目。資訊分類：一般。他在專業服務、管理服務和金融服務環境中具有大規模技術交付和管理的可證明記錄。Andy在C級別工作方面擁有豐富的經驗，以其強大的商業領導力、正直、敏銳度、發展和變革管理而聞名於世。Andy的第一本書於2021年秋季出版，題為《從Stuxnet到Sunburst，20年的數字利用和網絡戰爭》，以外行人的術語，以實踐者的觀點，揭示了過去20年數字戰爭如何塑造了我們的世界。它揭示了許多公眾完全不知道的事實和項目，直到現在為止。Andy是第一批，也可能是少數幾個發現眾多不安全的SolarWinds域名的人之一。事實已經證明，Andy關於不安全子域名被劫持並建立惡意網站的攻擊版本，現在已成為公認的最初訪問和根本原因（Sunburst）。Andy的研究和論文於今年早些時候提交給美國參議院情報委員會，該委員會負責監督SolarWinds遭受的入侵。Andy剛剛完成了第二本書，該書記錄了他在過去幾年中對1000多家公司的經驗和深入研究，這些公司都成為了網絡和勒索軟體攻擊的受害者。該書名為《勒索軟體和網絡戰爭，全球經濟轉變》。Andy有一種神奇的能力，能夠以直接、不废話的方式看到事物，並將它們轉化為易於理解的部分，以便進行處理和修復。他對網絡和勒索軟體攻擊的真實例子和回憶涵蓋了為什麼會發生攻擊，更重要的是如何防止它們。他的研究結果得到了Hacker One的完全支持，該組織證實96%的駭客攻擊網站，以及Statista的證實，即網絡犯罪的前三個初始訪問點是伺服器和網站。2020年，Andy在《天主教新聞社》的一篇文章中被提及，該文章講述了梵蒂岡的入侵事件，他通過發現他們的85個域名中有82個是不安全的，為梵蒂岡提供了協助。其中許多域名正在收集個人身份信息和付款信息。擁有12億在線追隨者的梵蒂岡，尤其是在Covid-19封鎖期間，Andy可能已經揭示了迄今為止全球最大的在線數字個人身份信息數據洩露的根本原因。