{"id":175,"date":"2021-11-04T16:54:11","date_gmt":"2021-11-04T15:54:11","guid":{"rendered":"https:\/\/counterintelligence.pl\/?p=175"},"modified":"2021-11-06T22:12:32","modified_gmt":"2021-11-06T21:12:32","slug":"cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware","status":"publish","type":"post","link":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/","title":{"rendered":"CyberPolice - REvil 1: 0 - on the risks of being a ransomware operator"},"content":{"rendered":"<p><a href=\"https:\/\/www.washingtonpost.com\/national-security\/cyber-command-revil-ransomware\/2021\/11\/03\/528e03e6-3517-11ec-9bc4-86107e7b0ab1_story.html\">Washington Post journalists published yesterday an article about the end of REvil group activities<\/a> as a result of an action carried out by the American Cyber Command - the command of cybernetic forces. Curbing REvil&#039;s actions is certainly good news for everyone - criminals are responsible, for example, for ransomware attacks on <a href=\"https:\/\/en.wikipedia.org\/wiki\/Kaseya_VSA_ransomware_attack\">Kaseye<\/a> or<a href=\"https:\/\/en.wikipedia.org\/wiki\/JBS_S.A._cyberattack\"> JBS<\/a> and poisoned the lives of many companies. The most interesting, however, is the topic of what directly led the REvil operators to close the operation - the Cyber Command operation itself was not based on destructive actions such as destroying data on C2 servers, but on hijacking a page in the Tor network that criminals used to blackmail victims and extort ransom. In essence, it was only a hindrance to doing business - it would certainly slow down the group&#039;s activities temporarily, but it did not permanently hit the key elements of the operation.<\/p>\n\n\n\n<p>Fortunately, REvil itself provided insight into the rationale behind its decision by discussing the course of events in a Russian-speaking forum. As reported in the Washington Post, in October criminals noticed a domain hijack, prompting them to check their servers for signs of intrusion. And while the group did not discover anything unusual at first, a closer look apparently brought an unpleasant surprise when it discovered a burglary carried out by security services this summer:<\/p>\n\n\n\n<p class=\"has-text-align-center\">&quot;<em>The server was compromised<\/em>, &quot;He wrote hours later,&quot;<em>and they are looking for me<\/em>. &quot; And then: &quot;<em>Good luck everyone, I&#039;m taking off<\/em>. &quot;<\/p>\n\n\n\n<p>Apparently, 0_neday, because that was the nickname on the forum was used by the leader of the group, stated that the hacking meant that the services were already actively investigating REvil's activities, therefore further actions were not worth the potential risk. There are at least a few interesting conclusions from the whole situation.<\/p>\n\n\n\n<p>First, this is perhaps the first disclosed operation in which Cyber Command has taken offensive actions against a ransomware group. If we refer to the model of defense operations <a href=\"https:\/\/securityintelligence.com\/how-to-defend-with-the-courses-of-action-matrix-and-indicator-lifecycle-management\/\">Course of Action Matrix <\/a>this Cyber Command operation falls under Disrupt or Degrade, leaning rather towards Degrade. Redirecting traffic and hijacking the domain would not in itself prevent the ransom collection, but would temporarily slow down the pace.<\/p>\n\n\n\n<p>Secondly, thanks to live coverage provided by the interested parties on the Cyber Command forum (and the rest of the world), it kind of received feedback on the effectiveness of various types of activities in deterring ransomware operators. While the domain takeover itself did not cause panic, the discovery of hacking signs suggesting the security&#039;s interest immediately led to the cessation of malware distribution, recruitment of new partners and ransom negotiations. The obvious conclusion is that it is the threat of disclosure of identity, arrest, or, more generally, criminal liability that motivates to end this<a href=\"https:\/\/www.zdnet.com\/article\/ransomware-gangs-made-at-least-350-million-in-2020\/\"> very profitable business<\/a>. This conclusion to some extent coincides with the position I presented in <a href=\"https:\/\/www.youtube.com\/watch?v=QtuzzFtpOZM\">a speech I recorded for the Cambridge International Symposium on Economic Crime<\/a> - the effectiveness in combating ransomware will be directly proportional to how engaged and willing to cooperate will be the countries in which the groups operate. However, there is a very important catch here - the leader of REvil did not know which services and from which country the server was hacked, the mere fact of potential interest was enough to scare off the criminals. It will be very interesting, therefore, what will happen next, and whether the knowledge that US agencies are responsible for the operations will make the group resume its activity, hoping for further immunity in Russia. On the other hand, the interest of law enforcement agencies is not limited to the direct members of REvil. The group operated on the basis of Ransomware-as-a-service, recruiting partners who infected systems in return for a share of the profits, and who will now have second thoughts on whether they want to engage in, let's call it, highly media activity. In the end, seeing the panic aroused by the interest itself, American agencies can reach for the recently favorite weapon against cybercriminals - <a href=\"https:\/\/www.justice.gov\/opa\/pr\/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion\">acts<\/a> <a href=\"https:\/\/www.justice.gov\/opa\/pr\/six-russian-gru-officers-charged-connection-worldwide-deployment-destructive-malware-and\">accusations<\/a> in which they reveal the identity of the perpetrators. While in the case of intelligence officers, it is difficult to expect that they will bring spectacular results (whether it is possible to discourage states from conducting intelligence activities is a topic for a separate post), criminals who want to earn money and potentially in the future live in luxury in a selected country may painfully feel the publication of your image. Not to mention REvil partners living in the countries where Europol operates.<\/p>\n\n\n\n<p>As we can see, it all comes down to risk assessment. Just as in the corporate environment, some risks are accepted and others are not, so law enforcement agencies probably finally hit a sensitive point of unacceptable risk to criminals. Let us hope that other ransomware operators assume similarly conservative approach to the acceptable risk and will decide to cease further operations.<\/p>","protected":false},"excerpt":{"rendered":"<p>Dziennikarze Washington Post opublikowali wczoraj artyku\u0142 dotycz\u0105cy zako\u0144czenia dzia\u0142alno\u015bci przez grup\u0119 REvil na skutek akcji przeprowadzonej przez Ameryka\u0144skie Cyber Command &#8211; dow\u00f3dztwo si\u0142 cybernetycznych. Ukr\u00f3cenie poczyna\u0144 REvil jest z pewno\u015bci\u0105 dobr\u0105 informacj\u0105 dla wszystkich &#8211; przest\u0119pcy s\u0105 odpowiedzialni cho\u0107by za ataki ransomware na Kaseye czy JBS i zatruli \u017cycie wielu [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":183,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6],"tags":[8,9,7,10],"class_list":["post-175","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threat-intelligence","tag-cybercommand","tag-law-enforcement","tag-ransomware","tag-revil"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CyberPolicja - REvil 1:0 - o ryzyku w byciu operatorem ransomware - counterintelligence.pl<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CyberPolicja - REvil 1:0 - o ryzyku w byciu operatorem ransomware - counterintelligence.pl\" \/>\n<meta property=\"og:description\" content=\"Dziennikarze Washington Post opublikowali wczoraj artyku\u0142 dotycz\u0105cy zako\u0144czenia dzia\u0142alno\u015bci przez grup\u0119 REvil na skutek akcji przeprowadzonej przez Ameryka\u0144skie Cyber Command &#8211; dow\u00f3dztwo si\u0142 cybernetycznych. Ukr\u00f3cenie poczyna\u0144 REvil jest z pewno\u015bci\u0105 dobr\u0105 informacj\u0105 dla wszystkich &#8211; przest\u0119pcy s\u0105 odpowiedzialni cho\u0107by za ataki ransomware na Kaseye czy JBS i zatruli \u017cycie wielu [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"counterintelligence.pl\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-04T15:54:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-06T21:12:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"965\" \/>\n\t<meta property=\"og:image:height\" content=\"405\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kamil Bojarski\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@lawsecnet\" \/>\n<meta name=\"twitter:site\" content=\"@lawsecnet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kamil Bojarski\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/\"},\"author\":{\"name\":\"Kamil Bojarski\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#\\\/schema\\\/person\\\/a2bd0e683e8f31df48bd02f45508e8ba\"},\"headline\":\"CyberPolicja &#8211; REvil 1:0 &#8211; o ryzyku w byciu operatorem ransomware\",\"datePublished\":\"2021-11-04T15:54:11+00:00\",\"dateModified\":\"2021-11-06T21:12:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/\"},\"wordCount\":898,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#\\\/schema\\\/person\\\/a2bd0e683e8f31df48bd02f45508e8ba\"},\"image\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1\",\"keywords\":[\"cybercommand\",\"law enforcement\",\"ransomware\",\"REvil\"],\"articleSection\":[\"Threat Intelligence\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/\",\"url\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/\",\"name\":\"CyberPolicja - REvil 1:0 - o ryzyku w byciu operatorem ransomware - counterintelligence.pl\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1\",\"datePublished\":\"2021-11-04T15:54:11+00:00\",\"dateModified\":\"2021-11-06T21:12:32+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1\",\"width\":965,\"height\":405},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/en\\\/2021\\\/11\\\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/counterintelligence.pl\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CyberPolicja &#8211; REvil 1:0 &#8211; o ryzyku w byciu operatorem ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#website\",\"url\":\"https:\\\/\\\/counterintelligence.pl\\\/\",\"name\":\"counterintelligence.pl\",\"description\":\"Threat Inteliigence \\\/ OSINT \\\/ NETSEC \\\/ NATSEC\",\"publisher\":{\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#\\\/schema\\\/person\\\/a2bd0e683e8f31df48bd02f45508e8ba\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/counterintelligence.pl\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/counterintelligence.pl\\\/#\\\/schema\\\/person\\\/a2bd0e683e8f31df48bd02f45508e8ba\",\"name\":\"Kamil Bojarski\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/ci_hor.png?fit=1521%2C721&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/ci_hor.png?fit=1521%2C721&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/ci_hor.png?fit=1521%2C721&ssl=1\",\"width\":1521,\"height\":721,\"caption\":\"Kamil Bojarski\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/counterintelligence.pl\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/ci_hor.png?fit=1521%2C721&ssl=1\"},\"sameAs\":[\"https:\\\/\\\/counterintelligence.pl\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/kamil-bojarski\\\/\",\"https:\\\/\\\/x.com\\\/lawsecnet\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CyberPolice - REvil 1:0 - about the risks of being a ransomware operator - counterintelligence.pl","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"CyberPolicja - REvil 1:0 - o ryzyku w byciu operatorem ransomware - counterintelligence.pl","og_description":"Dziennikarze Washington Post opublikowali wczoraj artyku\u0142 dotycz\u0105cy zako\u0144czenia dzia\u0142alno\u015bci przez grup\u0119 REvil na skutek akcji przeprowadzonej przez Ameryka\u0144skie Cyber Command &#8211; dow\u00f3dztwo si\u0142 cybernetycznych. Ukr\u00f3cenie poczyna\u0144 REvil jest z pewno\u015bci\u0105 dobr\u0105 informacj\u0105 dla wszystkich &#8211; przest\u0119pcy s\u0105 odpowiedzialni cho\u0107by za ataki ransomware na Kaseye czy JBS i zatruli \u017cycie wielu [&hellip;]","og_url":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/","og_site_name":"counterintelligence.pl","article_published_time":"2021-11-04T15:54:11+00:00","article_modified_time":"2021-11-06T21:12:32+00:00","og_image":[{"width":965,"height":405,"url":"https:\/\/i1.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","type":"image\/png"}],"author":"Kamil Bojarski","twitter_card":"summary_large_image","twitter_creator":"@lawsecnet","twitter_site":"@lawsecnet","twitter_misc":{"Written by":"Kamil Bojarski","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#article","isPartOf":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/"},"author":{"name":"Kamil Bojarski","@id":"https:\/\/counterintelligence.pl\/#\/schema\/person\/a2bd0e683e8f31df48bd02f45508e8ba"},"headline":"CyberPolicja &#8211; REvil 1:0 &#8211; o ryzyku w byciu operatorem ransomware","datePublished":"2021-11-04T15:54:11+00:00","dateModified":"2021-11-06T21:12:32+00:00","mainEntityOfPage":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/"},"wordCount":898,"commentCount":0,"publisher":{"@id":"https:\/\/counterintelligence.pl\/#\/schema\/person\/a2bd0e683e8f31df48bd02f45508e8ba"},"image":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","keywords":["cybercommand","law enforcement","ransomware","REvil"],"articleSection":["Threat Intelligence"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/","url":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/","name":"CyberPolice - REvil 1:0 - about the risks of being a ransomware operator - counterintelligence.pl","isPartOf":{"@id":"https:\/\/counterintelligence.pl\/#website"},"primaryImageOfPage":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","datePublished":"2021-11-04T15:54:11+00:00","dateModified":"2021-11-06T21:12:32+00:00","breadcrumb":{"@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#primaryimage","url":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","contentUrl":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","width":965,"height":405},{"@type":"BreadcrumbList","@id":"https:\/\/counterintelligence.pl\/en\/2021\/11\/cyberpolicja-revil-10-o-ryzyku-w-byciu-operatorem-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/counterintelligence.pl\/"},{"@type":"ListItem","position":2,"name":"CyberPolicja &#8211; REvil 1:0 &#8211; o ryzyku w byciu operatorem ransomware"}]},{"@type":"WebSite","@id":"https:\/\/counterintelligence.pl\/#website","url":"https:\/\/counterintelligence.pl\/","name":"counterintelligence.pl","description":"Threat Inteliigence \/ OSINT \/ NETSEC \/ NATSEC","publisher":{"@id":"https:\/\/counterintelligence.pl\/#\/schema\/person\/a2bd0e683e8f31df48bd02f45508e8ba"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/counterintelligence.pl\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/counterintelligence.pl\/#\/schema\/person\/a2bd0e683e8f31df48bd02f45508e8ba","name":"Kamil Bojarski","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2023\/11\/ci_hor.png?fit=1521%2C721&ssl=1","url":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2023\/11\/ci_hor.png?fit=1521%2C721&ssl=1","contentUrl":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2023\/11\/ci_hor.png?fit=1521%2C721&ssl=1","width":1521,"height":721,"caption":"Kamil Bojarski"},"logo":{"@id":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2023\/11\/ci_hor.png?fit=1521%2C721&ssl=1"},"sameAs":["https:\/\/counterintelligence.pl","https:\/\/www.linkedin.com\/in\/kamil-bojarski\/","https:\/\/x.com\/lawsecnet"]}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/counterintelligence.pl\/wp-content\/uploads\/2021\/11\/Zrzut-ekranu-2021-11-04-165258.png?fit=965%2C405&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/posts\/175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/comments?post=175"}],"version-history":[{"count":8,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/posts\/175\/revisions"}],"predecessor-version":[{"id":189,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/posts\/175\/revisions\/189"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/media\/183"}],"wp:attachment":[{"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/media?parent=175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/categories?post=175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/counterintelligence.pl\/en\/wp-json\/wp\/v2\/tags?post=175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}