Karissa Breen interviews James Taliento (AftrDrk) and Jeremy Kirk (Okta) about how the modern cybercrime landscape is expanding as cybercrime-as-a-service, underground forums, and tutorials lower the barrier to entry, making it easier to buy hosting, info-stealers, distribution, stolen credentials, session cookies, and phishing kits, including ways to bypass MFA.
They discuss how jurisdictional limits, especially Russia not extraditing its citizens, and Russia’s criminal-state nexus enable ransomware operations, while other nation states differ in motivation (e.g., China and industrial espionage). They note glamor, money, peer recognition, and thrill-seeking as key psychological drivers, including among Western/English-speaking extortion groups.
Defensive recommendations include phishing-resistant passwordless authentication, tightening IAM, controlling agentic AI “shadow agent” risks and access, prioritizing actions using threat intelligence, and reducing exposed attack surfaces like VPN/edge systems and managed file transfer platforms targeted by groups such as CLOP.