Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Is there really honour amongst cybercriminals or is it every hacker for themselves? On this episode of Razorwire, I’m joined by Martin Voelk, a seasoned ethical hacker, to take a look at how the world’s most notorious cybercriminal groups really operate. We trace the journey from early hacking culture to today’s sprawling underworld of digital organised crime. Along the way, we ask: What does “hacker” truly mean and who actually gets caught when the authorities close in?

The episode explores how modern cybercrime works, from the meaning of hacker and the growth of an underground industry to scapegoats, lone wolves and cartel style structures. Listeners hear how criminals cash out, protect themselves better than victims, exploit new AI tools and treat attacks as business, with no honour in sight. ⸻ For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion..

Security professionals aren't pessimists - we're realists. Cybersecurity requires realistic risk management, not blind optimism. Information security teams prepare for breaches, system failures and cyber threats through threat modelling, incident response planning and security controls. This security mindset focuses on organisational resilience and breach preparation, not hope.

Hope is not a security control. Security professionals aren't pessimists - we're realists preparing for when systems fail and humans make errors. We model worst-case scenarios and likely threats because probability beats hope every time. Cybersecurity requires realistic risk management and incident response planning, not blind optimism. That's the security mindset. Realism understands controls decay and breaches happen. Preparation stops incidents, not positivity.

Deepfakes and AI driven attacks are making it hard even for experts to tell what is genuine, from casual social videos to targeted messages. Recent cases used convincing voice and chat to pressure staff into password resets, fund transfers and access changes, forcing organisations to rethink how people validate what they see and hear.

The economic model of cybercrime is shifting from stealing data to creating time drag on the systems that keep the business running. Loud ransomware taught everyone to expect clear incidents, but quieter attacks now focus on prolonged disruption, where boards pay to restore growth and confidence without ever declaring a cyber event.

A realistic nation state style attack is less cinematic blackout and more slow grind, with degraded services, conflicting information and outages that are hard to prioritise. Public confidence erodes as friction spreads and misinformation amplifies the chaos, and history shows societies fail when trust in key systems collapses faster than those systems adapt.

A central government department relied on a part time virtual security lead, ageing tools and no central view of security data, with nobody owning real decisions. When asked what type of attacker would target their systems or whether they had a threat led defence, nobody from engineering to leadership had an answer, despite direct access to national guidance.