Lawfare Daily: The Shadowy World of Ransomware with Professor Anja Shortland
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Lawfare Daily: The Shadowy World of Ransomware with Professor Anja Shortland” inside PodZeus.
In this episode of The Lawfare Podcast, host Jonathan Sederbaum interviews Professor Anja Shortland, a political economy expert at King's College London, about her book *Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware*. Shortland traces the evolution of ransomware from its early technical roots in the 1980s to its current status as a multi-billion-dollar global threat, highlighting three generations of ransomware: automated, human-operated, and data-exfiltration-driven. She explains how the convergence of asymmetric encryption, the dark web (via Tor), and cryptocurrencies like Bitcoin enabled ransomware to scale. The rise of 'ransomware as a service' (RaaS) and 'ransomware settlement as a service' further industrialized the threat, outsourcing attacks to affiliates while creating exploitative intermediaries. Shortland dissects major groups like REvil, Conti, and Lockbit, illustrating how geopolitical tensions, internal fractures, and law enforcement operations—such as the UK’s National Crime Agency’s takedown of Lockbit—have reshaped the landscape. She critiques the lack of effective policy solutions, including the failed 'ransom ban' idea, and emphasizes the importance of cyber hygiene, resilience, and preparedness. The episode concludes with a discussion of the private-sector-led Ransomware Task Force and the ongoing need for systemic change. Key takeaways include: (1) Ransomware is no longer just about encryption—it’s about data theft and extortion; (2) The rise of RaaS has democratized cybercrime, enabling less-skilled actors to launch large-scale attacks; (3) Law enforcement successes, like the Lockbit takedown, can disrupt trust in ransomware gangs; (4) Cyber resilience—through backups, patching, and multi-factor authentication—is more critical than ever; (5) Geopolitical tolerance, especially in Russia and parts of Eastern Europe, enables the ransomware ecosystem; (6) Private-sector coordination (e.g., the Ransomware Task Force) is vital when governments lag; (7) The 'ransom settlement' industry often exploits victims rather than helping them; and (8) There is no single silver bullet—defense requires a multi-layered, adaptive strategy.
Ransomware has evolved from automated attacks to human-operated, data-exfiltration-driven extortion, making it more sophisticated and damaging.
The rise of Ransomware as a Service (RaaS) has enabled less-skilled actors to launch large-scale attacks, significantly expanding the threat landscape.
Law enforcement operations like the takedown of Lockbit can undermine trust in ransomware gangs by exposing their internal workings.
Cyber resilience—offline backups, patching, multi-factor authentication—is more effective than relying on paying ransoms.
Geopolitical tolerance in countries like Russia enables ransomware groups to operate with relative impunity.
…and 3 more takeaways available in PodZeus
Introduction to Ransomware and the Guest
The episode opens with a sponsor ad for Vileda Proclin, followed by an introduction to Professor Anja Shortland and her book *Dark Screens*. Host Jonathan Sederbaum sets the stage by discussing the economic and governance dimensions of ransomware, framing it as part of a broader 'unholy trinity' of extortive crime including piracy and art theft.
The Evolution of Ransomware: From 1989 to 2013
“It was only the gift of cryptocurrencies that made it possible for them to take payment at scale and cash out pseudonymously without ever revealing their real world identities.”
Ransomware as a Service and the Rise of Affiliates
“The coders take the smaller part. But of course, they also have the option that when somebody comes in with a huge ransom, that they just disappear and take the entire ransom.”
Ransomware Settlement as a Service: A Double-Edged Sword
“Nothing is gained except for the ransomware payment mills. So yeah, quite a lot of shady businesses in that space preying on people's predicament.”
Case Study: The REvil Attack on Kaseya
The episode analyzes the REvil attack on Kaseya, a managed service provider, which threatened up to a million users. Despite the scale, the attack was contained quickly due to Kaseya’s rapid response. The episode highlights the importance of speed in detection and the role of community solidarity in recovery.
“If their lives are at risk or livelihoods are at risk and a company is hemorrhaging money, the commitment to saying he will never pay ransoms is just not credible.”
“It was only the gift of cryptocurrencies that made it possible for them to take payment at scale and cash out pseudonymously without ever revealing their real world identities.”
“They also really targeted the affiliates. They've revealed the identity of the leader of the Lockbit group.”
Host
Guest
Anja Shortland
person
Lawfare Podcast
media
Lockbit
organization
Russia
place
Conti
organization
REvil
organization
Bitcoin
other
Ukraine
place
Vileda Proclin
brand
Kaseya
organization
Lawfare Daily: What’s Influencing Politics Online? X’s Algorithm, Creators, and the New Persuasion Machine
The Lawfare Podcast • 47m • 3/31/2026
Lawfare Daily: Joel Braunold on West Bank Violence and Israel’s New Lebanon Offensive
The Lawfare Podcast • 49m • 4/1/2026
Lawfare Daily: Beyond the Headlines: A History of U.S.-Iran Relations
The Lawfare Podcast • 1h 2m • 4/2/2026
Rational Security: The "Chicken Sh*t Bingo" Edition
The Lawfare Podcast • 1h 8m • 4/2/2026
Lawfare Daily: The Privacy Law That's Supposed To Be Protecting Us Online Turns 40
The Lawfare Podcast • 38m • 4/3/2026
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Lawfare Daily: The Shadowy World of Ransomware with Professor Anja Shortland” inside PodZeus.
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime