peter bassill · operator
$ grep -l "tag:ransomware" writing/

tag: ransomware.

8 pieces tagged ransomware, newest first. The full taxonomy is on the tag index.

2026·06·20 Prinz Eugen: the ransomware that takes your newest work first A new Go-based encryptor takes your most recently modified files first, inverting the assumption that fast response limits the damage. One data-broker turned operator, a UK firm already on the leak site. A board-level read, then a full technical teardown. ransomware · threat analysis · technical · board 15 min 2026·06·19 The criminals have a product team now: The Gentlemen and the industrialised EDR-killer A ransomware crew is shipping its affiliates a polished, standardised tool whose only job is to switch off your endpoint protection before the encryptor runs. The interesting part is not the malware. It is the business model. ransomware · byovd · endpoint · board 6 min 2026·05·11 April 2026, in retrospect The worst single month for cyber attacks on record. 105 publicly disclosed ransomware incidents globally. The UK third by volume. Looking back at it with a week's distance, three patterns matter more than the count. retrospective · ransomware · attribution · governance 7 min 2026·04·04 Healthcare's reckoning Three months of attacks have produced a clarifying set of numbers. £32.7m at Synnovis. 150,000 households warned at NHS Dumfries and Galloway. At least one patient death attributed. Healthcare is where concentration risk meets the lowest acceptable downtime threshold. healthcare · ransomware · governance · cni 7 min 2025·06·29 Synnovis, a year on One year after the Qilin ransomware attack on Synnovis took NHS pathology services in south-east London offline, what did we actually learn — and what is still unfixed? case-study · healthcare · ransomware · ned 7 min 2025·06·14 What the retail wave actually cost M&S resumed online orders this week after 46 days offline. Co-op is counting £206m. Harrods got off relatively lightly. Three compromises, one actor, one Easter weekend — and a lesson UK retail boards are still digesting. retail · ransomware · scattered-spider · governance 6 min 2024·03·19 Operation Cronos: what disruption actually achieves A month on from the NCA-led takedown of LockBit's infrastructure, the affiliate group is already back online and claiming new victims. What Operation Cronos achieved is real and worth defending — but it is not the dismantlement the headlines suggested. ransomware · law enforcement · craft 7 min 2021·06·10 Colonial Pipeline: the CNI lesson the UK should not need to learn the hard way Five weeks after the DarkSide ransomware attack on Colonial Pipeline shut down 45% of US East Coast fuel supply, what UK critical national infrastructure boards should be doing about it. cni · ransomware · governance · ned 7 min

all tags  ·  all writing