# 94; Everest Ransomware Page: https://stenobird.com/podcast/inside-darknet-6682885/94-everest-ransomware Text version: https://stenobird.com/podcast/inside-darknet-6682885/94-everest-ransomware.md Podcast: [Inside Darknet](https://stenobird.com/podcast/inside-darknet-6682885) Published: 2025-11-15T09:00:00+00:00 Episode link: https://podcasters.spotify.com/pod/show/insidedarknet/episodes/94-Everest-Ransomware-e3aul4d Audio file: https://traffic.megaphone.fm/APO5285834390.mp3 Processing state: processed JSON: https://stenobird.com/v1/public/podcasts/inside-darknet-6682885/episodes/94-everest-ransomware Duration seconds: 1254 ## Resource An investigation into the discrepancy between Collins Aerospace's claim of a ransomware attack and the Everest Group's claim of a pure data breach. The episode explores the allegation that the company intentionally shut down systems to trigger insurance payouts. ## Highlights - Main idea: The Everest Group claims they only exfiltrated 50GB of data and never used encryption to lock systems - Failure mode: Critical infrastructure reliance on outdated software and insecure FTP servers allowed for massive data theft - Controversy: Allegations that the company manually disabled systems to claim ransomware damages for insurance purposes - Practical takeaway: Data breaches involving passenger and employee PII can paralyze international travel hubs without any encryption occurring - Failure mode: Lack of transparency in incident response can lead to secondary much larger-scale public distrust and chaos ## Topics Ransomware, Data Breach, Collins Aerospace, Everest Group, Cybersecurity, Infrastructure Security, Insurance Fraud, Darknet ## Chapters - 1:00 — The Airport Chaos: Description of the September weekend where major European airports like Heathrow and Berlin-Brandenburg were forced into manual operations. - 11:40 — The Scope of the Breach: Details on the 50GB of stolen data, including passenger PII, flight data, and internal network topology. - 14:40 — The Everest Group's Motivation: An interview with the group discussing their operational philosophy and their decision to target systemic negligence. - 19:10 — The Insurance Fraud Allegation: The group's claim that the company's shutdown was a coordinated effort to trigger insurance coverage. - 20:40 — The Aftermath: Reflections on the impact of leaks and the group's message regarding corporate accountability. ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/inside-darknet-6682885/episodes/94-everest-ransomware/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/inside-darknet-6682885/94-everest-ransomware.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.