Chasing The Most Hated Hacker In History - Joe Tidy
Chris Williamson (host), Joe Tidy (guest), Narrator
In this episode of Modern Wisdom, featuring Chris Williamson and Joe Tidy, Chasing The Most Hated Hacker In History - Joe Tidy explores teenage hackers, ransomware chaos, and the rise of digital cartels The conversation explores how loosely organized teenage hacking crews, exemplified by Scattered Spider, evolved into highly disruptive cybercrime actors targeting major retailers and infrastructure. Joe Tidy traces the cultural and technological shifts—from Twitter-era clout chasing to Bitcoin-fueled monetization—that turned “chaotic good” hacker culture into “chaotic evil” digital cartels. He profiles notorious figures like Julius Kivimäki, dubbed the most hated hacker in history, and Russian gang EvilCor to show how ego, lax security, and geopolitical shelter make cybercrime both powerful and messy. Alongside worst‑case scenarios like attacks on hospitals, cars, and nuclear programs, Tidy emphasizes that most hacks still exploit basic human error and weak security hygiene.
Teenage hackers, ransomware chaos, and the rise of digital cartels
The conversation explores how loosely organized teenage hacking crews, exemplified by Scattered Spider, evolved into highly disruptive cybercrime actors targeting major retailers and infrastructure. Joe Tidy traces the cultural and technological shifts—from Twitter-era clout chasing to Bitcoin-fueled monetization—that turned “chaotic good” hacker culture into “chaotic evil” digital cartels. He profiles notorious figures like Julius Kivimäki, dubbed the most hated hacker in history, and Russian gang EvilCor to show how ego, lax security, and geopolitical shelter make cybercrime both powerful and messy. Alongside worst‑case scenarios like attacks on hospitals, cars, and nuclear programs, Tidy emphasizes that most hacks still exploit basic human error and weak security hygiene.
Key Takeaways
Most high‑impact hacks still begin with low‑tech social engineering.
Attacks on firms like M&S likely start with simple tactics—phishing emails or phone calls to IT help desks posing as staff—rather than Hollywood‑style code exploits, underscoring that human error remains the primary entry point.
Get the full analysis with uListen AI
Clout culture and cryptocurrency transformed teen hackers into profit‑driven criminals.
The shift from early, often idealistic hacker groups to today’s teenage cyber gangs coincides with Twitter’s follower/retweet economy and Bitcoin’s rise, giving young hackers both an audience and an anonymous payment rail.
Get the full analysis with uListen AI
Ransomware is the dominant cyber threat because it directly monetizes disruption.
By encrypting data and paralyzing operations—from supermarkets to hospitals—ransomware creates immediate leverage, allowing attackers to demand cryptocurrency payments that are difficult to trace and seize.
Get the full analysis with uListen AI
“Noob persistent threats” show you don’t need elite skills to cause elite damage.
Groups like Scattered Spider are often technically mediocre but extremely persistent and reckless; underestimated teenage crews using recycled tools and social engineering can still cripple large organizations.
Get the full analysis with uListen AI
The most harmful breaches exploit highly sensitive, personal data rather than just money.
The Vastaamo hack, where psychotherapy session notes for tens of thousands were stolen and used for individual blackmail, demonstrates that psychological and social damage can far exceed the financial loss from a cyberattack.
Get the full analysis with uListen AI
Operational security is where many ‘mastermind’ hackers fail.
High‑profile offenders like Kivimäki have been unmasked through blunders—accidentally dumping entire home directories, reusing handles, or flaunting wealth online—showing that ego and carelessness often undo sophisticated crimes.
Get the full analysis with uListen AI
Basic cyber hygiene dramatically reduces your risk compared to the ‘easy bucket’ of targets.
Using a password manager, unique strong passwords, multi‑factor authentication, and timely software updates won’t make you unhackable, but it moves you out of the lowest‑effort target pool most attackers prefer.
Get the full analysis with uListen AI
Notable Quotes
“They’re not advanced but they are persistent and they are a threat and we should take them seriously.”
— Joe Tidy (on teenage hacking crews as 'noob persistent threats')
“Everyone thinks that cybercriminals are masterminds when they’re carrying out the hacks, but they’re not masterminds at covering their tracks.”
— Joe Tidy
“The stuff you say to your therapist is the most sensitive information probably that you could ever hope stays safe.”
— Joe Tidy
“It took about four minutes. The security at Vastaamo was terrible.”
— Joe Tidy
“Hackers will always go for the easiest bucket. If you take yourself out of that easy bucket into the slightly harder bucket, you massively reduce your chance of getting hacked.”
— Joe Tidy
Questions Answered in This Episode
How should governments and companies rethink incentives so that top cybersecurity talent chooses public‑interest work over higher‑paid private or criminal paths?
The conversation explores how loosely organized teenage hacking crews, exemplified by Scattered Spider, evolved into highly disruptive cybercrime actors targeting major retailers and infrastructure. ...
Get the full analysis with uListen AI
Where should regulators draw the line between responsible threat research and glamorizing or inadvertently rewarding criminal hacker culture?
Get the full analysis with uListen AI
What realistic safeguards can be built into critical systems like hospitals, power grids, and autonomous vehicles to ensure they degrade safely under cyberattack rather than catastrophically?
Get the full analysis with uListen AI
Given the rise of ‘harvest now, decrypt later’ strategies, how urgent is a global shift to post‑quantum encryption, and who should pay for it?
Get the full analysis with uListen AI
How can parents and educators intervene in the common ‘gaming → cheats → hacking’ pipeline before it turns into serious cybercrime?
Get the full analysis with uListen AI
Transcript Preview
What's happening with Scattered Spider?
(inhales deeply) Well, Scattered Spider is the name of this very loosely coordinated collective of hackers that are, we think, currently causing havoc around the UK and the US as well. So, I don't know if you've heard about the news of the M&S cyberattack and the Co-op cyberattack. So, um, there's a really big ... If you're not in the UK, there's a really big, uh, chain of, of supermarkets called M&S, very much loved, over a hundred years old, one of the pillars of the High Street. And around Easter time, there was a cyberattack which started causing problems for M&S, and it just got worse and worse and worse for them. Because a-ori-... Initially they said, "Actually, we, we can't take orders on the internet," which, for a massive company like M&S is really bad. Then we started seeing logistics problems, empty shelves in some stores, and then around the same time, there was a very similar attack on the Co-op, again, another big supermarket chain in the UK. They also do funeral services and insurance as well. Um, that attack wasn't as bad, but again, we're seeing disruption at stores, empty shelvess, real chaos behind the scenes. And around the same time, we saw an attack on Harrods, obviously the, uh, the luxury retailer in London. Um, so everyone's wondering what on earth is going on. And things have got progressively worse, and then we hear the last couple of days, there are attacks on US retailers as well. And everyone is pointing towards this really infamous group called Scattered Spider. And they're not a normal cybercrime gang. They haven't named themselves that. They are, uh, you know, not very organized. They come together on Discord and Telegram. A little bit like... Have you heard of Anonymous?
Yes.
Yeah. So, they're a little bit like that, but more out for cybercrime and money and infamy than sort of hactivism. So, uh, one company called CrowdStrike started looking at this activity coming from this sort of corner of the, the cybercrime ecosystem, and they said, "Who are these people? Th- they're doing the same kind of tricks to get into, into places." So they nicknamed them Scattered Spider. Spider's the name that CrowdStrike gives cybercrime groups, and Scattered is, is what they, um, the term they give for, you know, because they're loose and they're all over the place.
Mm-hmm. Mm-hmm.
And actually, I'm looking right now at the CrowdStrike Scattered Spider figurine. Um, it's very controversial actually that they've done this, but here you go. So this is the... So they sell these on their merch website, and like I say, quite controversial actually because it kind of glamorizes these, these guys, and there are some people who would, who would say, "We shouldn't really glamorize cyber criminals." Because, um, the, the type of individuals that we think Scattered Spider are, very young, probably teenagers, in the US and UK, they will love the attention of having their own figurine.
Install uListen to search the full transcript and get AI-powered insights
Get Full TranscriptGet more from every podcast
AI summaries, searchable transcripts, and fact-checking. Free forever.
Add to Chrome