Connect with us


Inner Workings Of DarkSide Cybergang Reveal It’s Run Like Any Other Business




This is FRESH AIR. I’m Terry Gross. Ransomware attacks have disrupted the flow of gas and the supply of meat in just the past few weeks after Colonial Pipeline and JBS, the meat processing company, had their computer systems held hostage for ransom. Similar ransomware attacks have been waged on many companies, large and small, and on hospitals, the police and cities. My guest got an inside look at how the new breed of ransomware attackers operate.

Michael Schwirtz is an investigative reporter at The New York Times who gained access to secret communications from the cybercriminal operation DarkSide that attacked Colonial Pipeline. These communications offered what he described as an extraordinary glimpse into the internal workings of a Russian-speaking gang that had become the face of global cybercrime. DarkSide pulled in millions of dollars in ransom payments each month after. They were outed as the attackers of Colonial Pipeline, they went dark.

Schwirtz has also reported on the company that attacked JBS, which is called REvil – R-E-V-I-L. These cybercriminals and many others are believed to be operating from Russia. Schwirtz worked in The New York Times’ Russia bureau from 2006 to 2012. Last year, he was a lead reporter on the team that won a Pulitzer Prize for a series of articles about Russian intelligence operations around the world. We recorded our interview yesterday morning.

Michael Schwirtz, welcome to FRESH AIR. The inner workings of ransomware that you found out were fascinating. Let’s start with what you learned the victim sees on the screen when DarkSide captures the computer system.

MICHAEL SCHWIRTZ: Right. When the ransomware is uploaded into a victim’s computer system, the first thing they see is a ransom note. It says at the top, welcome to DarkSide. And it contains a list of instructions on how the victim can go about unlocking their data. They have no access to their data. And what they need to do is they’ll rely on DarkSide by paying a ransom to provide them with a key that will allow them to get these files back. And the letter is written in a kind of very formal, businesslike manner with very subtle threats. They’re warned – victims are warned not to try and tamper with their computer systems themselves, try not to access their data themselves, because this may result in the loss of the data completely. And so they’re instructed to get in touch immediately with a DarkSide representative to begin negotiations over the ransom.

GROSS: And it not only locks victims out of computer systems. The hackers can steal proprietary data.

SCHWIRTZ: Right. And this is basically to put added pressure on the business. Not only does the victim risk losing access to important computer files that may be necessary for the day-to-day running of the business, but the hackers will threaten to spill this information into the public domain to be used by competitors, to be used by other hackers to carry out additional attacks on the company. And so they’re really, really hard pressed to act very, very quickly to clear this up – the victims are.

GROSS: Now, the ransom is paid and cryptocurrency like Bitcoin. Most people don’t know how to use Bitcoin. So DarkSide actually has, like, a helpdesk to help the victims pay the ransom.

SCHWIRTZ: Right. It’s a really user-friendly experience. There’s a helpdesk like any other…

GROSS: Great (laughter).

SCHWIRTZ: …You know, when your internet goes out, you contact your internet service provider. And sometimes there’s a chat. It’s a very similar service. And it’s the goal of these hackers to make this as simple as possible, so that people are more willing to just pay the ransom and get it out of the way and get back to business, rather than put up a real fight to try and get their data back that wouldn’t result in them getting paid.

GROSS: DarkSide is a cybercriminal gang, but it’s set up like a business with affiliates. What are the affiliates?

SCHWIRTZ: What DarkSide does is they’re a ransomware creator. So they create the program that is uploaded into a victim’s computer system that locks down their data. But what they do is they basically contract out to these affiliates who are other hackers. And these are the people that are responsible for actually penetrating the victim’s computer services. And what they do is operate basically on a subscription service. You, as an affiliate, can sign on to DarkSide services, in which case you get access to their malware, their ransomware to use for a fee that operates on a sliding scale depending upon the size of the ransom.

GROSS: What’s the profit model for both DarkSide and for the affiliate it’s working with? For example, Colonial Pipeline was told to pay $4.5 million to get access again to its computer system. Colonial Pipeline paid the $4.5 million. How is that divided between DarkSide and the affiliate that actually did the hack?

SCHWIRTZ: So DarkSide takes a cut. And so the way it worked with DarkSide, which I am told is fairly generous, if the ransom that was charged that was eventually obtained was less $500,000, DarkSide would take about a 25% cut. And this moved down to about 10% for ransoms over $5 million. So DarkSide would have taken about 10% of the ransom paid by Colonial Pipeline for its attack, with the remaining going to the affiliate, which is the – an organization or an individual that actually penetrated the computer systems and infected the company’s computer systems with the ransomware.

GROSS: So do these different ransomware groups compete with each other? Do they advertise to affiliates that want to work with a group that actually has the malware that they need?

SCHWIRTZ: They do, because it’s a symbiotic relationship with these affiliates. You know, they can work – DarkSide can work with dozens of affiliates who are working round the clock trying to find vulnerabilities in various companies and inserting the malware. And they just have to sit back and wait for these attacks to be successful. But they do advertise. There are dark web forums, a number of very, very big and prominent Russian-language dark web forums which exist, in part, to serve as advertising platforms for these groups, not only of the ransomware developers advertising on those platforms, the affiliates are also advertising their services. So these forums act as kind of grease to this operation, allowing these groups to interact with one another and form partnerships.

GROSS: So you got access to the DarkSide dashboard. Explain what a dashboard is for people who don’t know and what you saw on it.

SCHWIRTZ: So the dashboard is is sort of the interface that is used both by DarkSide developers themselves and by the affiliates. And so what I got access to was the affiliate dashboard. And from there, you can get access to news about the latest hacks coming from DarkSide. You can get news about the profits. It had a ticker on it that was set up to count profits coming in, so you could keep an eye on how well the group was doing financially. And it also provided, like we were talking about, a tech support function where you can enter into a chat with a customer service representative from the DarkSide if you were an affiliate and had any problems.

GROSS: What insights did seeing the dashboard give you about the operation?

SCHWIRTZ: One thing that I think was the most striking was just how mundane it is. It was like entering into any other sort of company’s computer systems. It was – there was a news ticker. There were press releases talking about latest services that were being offered to affiliates. One of the more recent press releases was about a news service in which DarkSide would be starting up a project to offer DDoS attacks – distributed denial of service attacks – against victims’ computer systems, which is a way of overloading a victim’s computer systems with fraudulent requests. And this was another way to put the screws to victims who may not be so willing to fork out the ransom. And so that – I mean, that was the most striking thing about it. This was being run just like a regular business. And, you know, we were able to get a look at how this business was run and how it was developed, going back into the archives and looking at news release, looking at company communications, going back to the group’s inception, which occurred around August of last year.

GROSS: You make contact with a customer support employee. It sounds so legit. So what was the communication?

SCHWIRTZ: After I had spent some time exploring the dashboard, I decided that I was going to reach out to the customer support office at DarkSide. And it’s a very simple thing to do. It’s a similar interface to one that everybody is used to using when talking to customer support. There’s a little button down in the lower right-hand corner of the screen that says chat. I opened the window and just wrote hello in Russian just to see if I could get any response. And sure enough, within about five or 10 minutes, somebody came on the line and said they were there and asked what I needed. And at that point, I introduced myself as a reporter with The New York Times, as we are required to do according to our rules. And within minutes, I was kicked out of the site, and the account was closed down.

GROSS: Was that the response you were expecting when you identified yourself?

SCHWIRTZ: It was. It was. I had a small sliver of hope that I might be able to engage with somebody from DarkSide for a bit longer. But that was definitely the odds-on reaction that I was expecting.

GROSS: A lot of reporters would have just entered under a false identity, gone in undercover, so to speak. What is The New York Times’ rule surrounding that?

SCHWIRTZ: Ethically, we’re not allowed to go undercover. And as a rule, I always introduce myself as a Times reporter first so that nobody’s under any illusion about who I am and what I want. And so while going in undercover and pretending to be an affiliate – and in this case, we were using the account of an affiliate named Woris. So this was an actual account for an actual affiliate that had been in contact and involved in attacks with DarkSide in the past. So I wanted to make it very clear that I was not this individual Woris and that I was somebody new. And ethically, that is – that’s Times policy.

GROSS: Well, we need to take a short break here, and then we’ll talk some more and pick up where we left off. If you’re just joining us, my guest is New York Times investigative reporter Michael Schwirtz. We’ll be right back. This is FRESH AIR.


GROSS: This is FRESH AIR. Let’s get back to my interview with New York Times investigative reporter Michael Schwirtz about ransomware attacks and how the attackers operate. He gained access to secret communications from the cybercriminal operation DarkSide that attacked Colonial Pipeline. He’s also written about how REvil operates. That’s the cybergang behind the ransomware attack on JBS, the giant meat processing company.

So you not only managed to get a momentary chat (laughter) with basically somebody from customer support, you got access to some secret communications from DarkSide. What were some of these communications?

SCHWIRTZ: Correct. Well, the communications were saved, essentially, within the chat system on the dashboard. And so this individual, Woris, was the affiliate, had been communicating throughout probably since about February with the customer support service from DarkSide because the affiliate had been having trouble getting a victim to pay. And so I was able to basically trace the process of an attack and the process of squeezing a victim from the – almost from the very beginning by following these chats and from the sort of mirror images of what we’re used to. What we normally get is a victim explaining to us how these attacks were carried out from their perspective. So it was very, very interesting to watch how one of these attacks and the negotiations – the subsequent negotiations that occurred over the ransom played out from the perspective of the hackers who were involved in the attack.

And the victim, which in this case is a small American publishing company that deals primarily with clients in primary education, the victim was putting up a bit of a fight. And Woris, the affiliate, was in discussions with DarkSide about how to put on additional pressure so that this victim would pay up. And it wasn’t a small amount of money they were talking about. It’s a small company, but what the ransom was that they had decided on was $1.75 million. And so this company seems to have balked at paying this amount of money to get its systems back online and was putting up a resistance. And the chat consists of these two individuals or perhaps groups basically charting out a strategy for putting the squeeze on them to get them to pay up.

GROSS: So this isn’t a big corporate publishing company we’re talking about. It was a family-run company. And for this company, 1.7 million was a lot. So what were the threats against them?

SCHWIRTZ: There was a number of threats that they had come up with, and it’s unclear to me how many of these were implemented. There were – one of the earliest threats that they had discussed was essentially trying to blackmail the company. They threatened – because, as we mentioned, they had gained control over proprietary information. This is information about clients, again, who are primarily in primary school education. And at one point, they decided to threaten to spill information about clients onto the dark web. And they added that this information could be used by pedophiles to make fake IDs that would allow them to enter schools and threaten children. I think this was a fanciful idea on their part, but it shows sort of the mindset that they had. They were willing to make these kinds of threats in order to try and get this company to pay up.

GROSS: In one of the conversations between DarkSide and Woris, Woris was laughing about the pedophile threat. And Woris, whoever that is – or whoever the group is wrote, I laughed to the depth of my soul about the leaked IDs possibly being used by pedophiles to enter the school. I didn’t think it would scare them that much.

SCHWIRTZ: Right. And I think this company, you know, for good reason, was really spooked that, one, proprietary information about clients would get out. This could, perhaps, be a threat to them. But also, this would be a big threat to their business if it was discovered that they had lost control of information and allowed people’s identities to be compromised, right? Nobody wants to, you know, imagine that their personal information is floating around on some dark web site, you know, ready to be plucked up by a cybercriminal and used for who knows what means.

GROSS: Does DarkSide and the affiliate that it’s working with to do the ransomware attack, do they collaborate on what the threats should be and how they should be expressed to the victim?

SCHWIRTZ: They do. At several points in the chat, it becomes clear that Woris is the one writing communications that they want sent to the victims. So they write a letter that is supposed to be addressed to clients of this company that is refusing to pay. And then the letter is passed on to DarkSide. And DarkSide is actually doing the direct negotiations with the company. So when the company is communicating with the hackers that hacked into its system, it’s communicating with DarkSide. But Woris is there behind the scenes, basically, coaching DarkSide on what to say.

GROSS: So how did the publishing company that was – that had its computer system held hostage by Woris and DarkSide, how did the company handle it? I know the company negotiated. Who do they negotiate with? And what do you know about how the negotiations went?

SCHWIRTZ: They negotiated directly with DarkSide. So as I explained early on, they would have received this letter, a ransom note, giving them instructions on how to contact DarkSide and begin these negotiations. And that appears to be what they did. The negotiations were done primarily through email and a specialized chat service probably similar to the one that I was seeing on the dashboard, the DarkSide dashboard for the affiliates. And they were communicating with somebody who used very, very bad English. And…

GROSS: Because they’re Russian-speaking, the cybergangs.

SCHWIRTZ: They’re Russian-speaking. It’s interesting to me that there were not better English speakers that could be utilized for this purpose. But when you look at some of the communications between the DarkSide negotiators and the company, the English language skills are pretty poor. And, you know, this company negotiated with DarkSide for several weeks and maybe a few months before – negotiations broke down around the time of the Colonial Pipeline hack, at which point, DarkSide had to contend with all of the troubles that arose following the massive international reaction to that attack.

GROSS: So during the months of negotiation, was this publishing company locked out of its own system? And if so, how did it function? You might not know the answer to that.

SCHWIRTZ: According to the company – and I’ve communicated with them – they were locked out of their information for a while. And it was pretty damaging to their business. They wouldn’t go specifically into sort of monetary losses that they endured as a result of this. But according to them, it was fairly damaging. And they were working very hard to both keep their systems online, but also avoid paying what would have been a very, very steep price. They also approached the FBI. And the FBI began investigating as well. The thing that I don’t know – I do know the ransom was never paid. I do not know what happened to the company’s information because DarkSide, as has been reported, has gone quiet, at least, if it hasn’t disappeared completely. And so the fate of victims who had not yet resolved their attacks, I think, is a bit unclear.

GROSS: Do you think that the publishing company negotiated a long time to stall so that the FBI could continue to investigate who was behind the attack?

SCHWIRTZ: There was some indication that that was the case. And I don’t – I’m not privy to details about the federal investigation into the case. But, yeah, there is some indication that the company was trying to, basically, keep DarkSide on the line while the FBI investigated. And as has been revealed in almost-daily updates about the Colonial Pipeline attack, it seems as if the FBI had been investigating DarkSide almost since its inception. And it had gained a lot of real insight into how the company operated.

GROSS: Let’s take a short break here, and then we’ll talk some more. If you’re just joining us, my guest is New York Times investigative reporter Michael Schwirtz. We’ll talk more about ransomware attacks and who the attackers are after we take a short break. I’m Terry Gross. And this is FRESH AIR.


GROSS: This is FRESH AIR. I’m Terry Gross. Let’s get back to my interview with New York Times investigative reporter Michael Schwirtz. He’s been writing about ransomware attacks and how the attackers operate. He gained access to secret communications from the cybercriminal operation DarkSide that attacked Colonial Pipeline. These communications offered what he describes as an extraordinary glimpse into the internal workings of a Russian-speaking gang that had become the face of global cybercrime. He’s also written about how REvil operates – that spelt R-E-V-I-L. That’s the cybergang behind the ransomware attack on JBS, the giant meat processing company.

Let’s talk about the Colonial Pipeline hack. Colonial Pipeline paid the ransom. The CEO says he thought it was in the best interest of the country to make sure that the oil kept flowing because this is a pipeline that supplies much of the East Coast. So they paid – and I think they paid pretty quickly. So was this attack against Colonial Pipeline through an affiliate of DarkSide?

SCHWIRTZ: Yeah. That’s how it would have worked. I don’t know that we have a lot of details about the affiliate in this case, but it would have been likely an affiliate using DarkSide’s ransomware in the same way that Woris sort of carried out the attack on this publishing company, another affiliate would have carried out the attack on Colonial Pipeline. And DarkSide would have been the direct interface conducting negotiations with Colonial to get their systems back up and running.

GROSS: Do you have any idea what the negotiations were like between the affiliate and Colonial Pipeline?

SCHWIRTZ: I do not know, but it seemed to have happened very, very quickly. The CEO of Colonial testified this week that the ransom was paid even before the FBI was contacted to inform them about the ransomware attack. I believe the first we had heard the Colonial Pipeline had been the victim of a ransom attack was on the 7 of May. And by the 8 of May, there’s evidence that money had been transferred from Colonial to a Bitcoin account operated by DarkSide. So if there were any negotiations, they happened very, very quickly and resulted in a big payday for DarkSide, at least initially.

GROSS: You know, authorities often warn that you should not pay ransomware attackers, because even if you pay, they might still not free up your computer system. Do they offer any guarantee? Does DarkSide have any ethics about actually following through on its word that if you pay the ransom, you’ll get your intact computer system again?

SCHWIRTZ: The whole ransomware industry depends on a kind of honor system. And so it is very much in the interest of the ransomware companies to pay. If it gets out there that there’s a ransomware criminal gang that is locking down computers, collecting ransoms and refusing to pay, there’s going to be very, very little incentive for victims to hand over a bunch of money. Everything in the ransomware business revolves around making it as easy as possible for victims to hand over money. If it becomes any more difficult than it is, you know, victims are going to invest their time and energy into finding ways to avoid doing that.

What these ransomware companies want you to do when you’re a victim of these attacks is to make a calculation in your head. How much is it going to cost me to engage into lengthy negotiations to try and get this ransom tossed out? How much is it going to cost me to resist? And is it just cheaper for me to pay this ransom and get on with my business? And I think for a number of companies, because of the way the ransomware industry has evolved, a number of companies make the calculation that it’s just better to pay and get on with it. Obviously, then this feeds the industry and allows it to continue to grow.

GROSS: My understanding is that the CEO of Colonial Pipeline did not communicate with the FBI until after the ransom was paid, but the FBI did eventually manage very recently to get access to a Bitcoin wallet that was used by Colonial Pipeline to pay the ransomware attacker. What do you know about how the FBI was able to do that or what that even means? Most of us don’t really understand cryptocurrency talk, so if you can explain what happened.

SCHWIRTZ: Right. And this was a really big deal because I think it’s, you know, the first or at least the first major effort by the FBI to really go after one of these, you know, largely virtual ransomware game. And what appears to have happened is that the FBI, soon after DarkSide’s creation in about August 2020, started investigating its finances. And basically, the way these groups operate is they set up cryptocurrency accounts which allow for easily transferable funds from a victim to the hackers. And they set up a number of these accounts into which victims will pour their funds.

And so when this Colonial Pipeline attack happened, the FBI already had very good insights into where DarkSide was storing its money, these digital wallets, as they’re called, for Bitcoin. And what appears to have happened is that the FBI actually hacked into one of these wallets that was containing Bitcoins that were transferred from the Colonial Pipeline Company and took it back. And this amounted to – because of the price, the changing price in Bitcoin, this was a little less than what the company paid, but nevertheless, it was over $2 million worth of Bitcoin that was taken back from the hackers, which is just something that we’ve never seen before.

GROSS: So my understanding is that the affiliate of DarkSide didn’t get paid, but DarkSide managed to keep their money because it was only the wallet from the affiliate that was hacked.

SCHWIRTZ: It appears that DarkSide managed to keep its money, but that that much is not clear either. Shortly after the Colonial Pipeline attack, DarkSide came under what it said were threats coming from the United States, some sort of undetermined kind of attack from the United States. And it announced publicly on its public-facing webpage that its Bitcoin accounts had been drained. And there had been mystery about whether, in fact, they drained the Bitcoin accounts themselves in order to hide their assets or that somebody else might have done it.

At the time, the United States said that it had not infiltrated the group’s accounts. But it seems that later, just in the last few days, the FBI had been able to at least find one wallet probably belonging to an affiliate from which it extracted these funds.

GROSS: Let me reintroduce you again. If you’re just joining us, my guest is New York Times investigative reporter Michael Schwirtz. We’ll talk more about ransomware attacks after a break. This is FRESH AIR.


GROSS: This is FRESH AIR. Let’s get back to my interview with New York Times investigative reporter Michael Schwirtz about ransomware attacks and how the attackers operate. He gained access to secret communications from the cybercriminal operation DarkSide that attacked Colonial Pipeline.

So DarkSide went dark. What does it mean that DarkSide went dark? Does it mean they disappear, or maybe they’re just kind of creating another iteration of the group with, you know, with different – I don’t even know the language – different passwords or encryption or whatever?

SCHWIRTZ: I mean, a different – I mean, just a rebranding exercise. That’s possibly what it was. The timeline of the shutdown is unclear. So shortly after DarkSide was identified by the U.S. government as being involved in the Colonial Pipeline attack, the group itself announced that it was shutting down. And this was a few days after they were announced in connection with this attack. They announced that they were voluntarily shutting down and that they would be operating as kind of a private service, so they wouldn’t be taking on new affiliates. They would continue to work with their affiliates in some guise. And they announced that they were taking down all of their infrastructure, their dashboard and things like that. But when I entered into the dashboard, which was about 10 days after this announcement, it was still open and active, though it had been clear that the accounts were drained or at least the tickers which showed the profits that they were bringing in from these random attacks read zero.

And so whether or not they have shut down and these individuals have decided they’ve made enough money and they’re going to retire and then find some other line of work or whether they are just rebranding and regrouping, it’s unclear. There’s some evidence that exists that DarkSide was merely an affiliate of this other large ransomware hacking group REvil that then repackaged itself as a ransomware developer around August last year. So these groups go through a number of iterations. You know, they shut down and pick back up all the time. And so it wouldn’t be surprising that the individuals who are behind DarkSide either joined other groups or set up another group under a different name and continue doing this sort of work.

GROSS: So how big of a victory do you think the FBI actually scored against DarkSide in particular and ransomware hackers in general?

SCHWIRTZ: I think it’s hard to say right now, but I think it’ll be interesting to see what the reaction is to the FBI’s going in and retaking some of this ransom that Colonial Pipeline paid. It basically sends a message that there’s not the impunity that you thought you had. In the past, once you got the money, you were basically scot free. And this is showing that there perhaps some consequences, at least to targeting the wrong kind of company. I don’t know that the FBI has the resources every single time there’s an attack to go after and take the money back. It’s probably a large effort. And this is, you know, perhaps – I don’t want to say it’s completely symbolic, but perhaps, you know, the larger effect will be symbolic by putting these individuals on notice that there are cases in which they will cross the line and their earnings could be in jeopardy.

GROSS: So what’s the understanding of what kind of case would cross the line? And do groups like DarkSide or REvil have a code about who is off-limits?

SCHWIRTZ: Well, what was special about the Colonial Pipeline attack was that it was a company that was involved in critical infrastructure. This company had customers going from Texas to New York. And shutting down the pipeline, which we should be clear, the company made the decision to shut down the pipeline as an administrative matter because it wasn’t able to ensure that its customers would be able to pay for its deliveries. DarkSide didn’t, in fact, shut down the company’s pipeline. But nevertheless, it caused huge amounts of disruption and was a real wake-up call to policymakers, I think, in Washington and everywhere about the dangers that ransomware poses.

And this is something that ransomware operators just really don’t like. They’d like to operate in the shadows. They don’t want a ton of attention. And they certainly don’t want to touch off a geopolitical conflict as a result of their business. Their job, as they see it is, to just get money and do it as quickly as possible without causing anything of a fuss. And so there were some really real recriminations in the ransomware world following the Colonial Pipeline hack. One of the major forums where cybercriminality is organized, one of the major Russian-language forums announced that it was banning all ransomware activity from its site. REvil, which we’ve mentioned, and some other groups reiterated long-standing rules against attacks on critical infrastructure as well as hospitals, educational institutions.

And I should say that DarkSide had these rules in place as well. And it’s not clear whether the affiliate in this case that went after Colonial Pipeline just got a bit ahead of their skis and thought that, you know, they could attack the business side computer systems of this pipeline company and avoid sort of the larger ramifications that occurred or whether they just weren’t thinking or they just got too greedy. But it’s unclear. But there was a definite reset in the ransomware world as a result of this.

GROSS: One of the things – perhaps the main thing that has made these ransomware attacks possible is cryptocurrency, digital currency like Bitcoin. And most of us don’t really understand how this works. But can you explain a little bit about why cryptocurrency has allowed these ransomware attacks to flourish?

SCHWIRTZ: One of the major features of cryptocurrency is that you can be anonymous. You’re not handing over your banking information, right? You are transferring money into an anonymized wallet, essentially a digital wallet or an account that holds Bitcoin, which is just a currency like any other, like pounds, like dollars, like yen. And it’s easily transferable from wallet to wallet. Once you transfer your dollars into Bitcoin, you can transfer from wall to wall.

So it – in the past, the way a lot of cybercriminality worked, it revolved around banking systems, right? You had to find ways to get people to give you their banking login credentials – in which case, you could drain their accounts. But you couldn’t just drain their account and send it to your account, you know? You had to launder the money through a range of accounts and, in some cases, use individuals to physically bring cash across borders.

These days, you have your victim – one, you know, ransomware basically allows you to just ask your victim for the money. You don’t have to trick them into giving you anything. You just have to infiltrate their systems and threaten to destroy their business. But then they just hand you over the money. And Bitcoin and other cryptocurrencies have allowed the transfer of this money to happen very, very easily. So it’s just, you know, you transfer your dollars into Bitcoin. And then you send your money from your account to the hackers’ account. And then the transaction is done.

GROSS: So – you know, we were talking about DarkSide. You’ve also looked into REvil, which is another ransomware group that works with affiliates. The affiliates actually do the hacking of the group and ask for the ransom. But they do it with the help of REvil or DarkSide or whoever the malware originator is. So can you compare REvil and DarkSide or compare the attack on JBS to the attack on Colonial Pipeline just to show what these groups have in common and what the differences are?

SCHWIRTZ: I mean, it’s hard to compare and contrast. DarkSide is, perhaps, according to some cybersecurity researchers – the members of DarkSide of, the members that created DarkSide were, perhaps, affiliates of REvil. So they were, perhaps, working with REvil’s ransomware at one point before they set off on their own and made their own product. The thing that ties them both together and I think is most significant is that both groups appear to operate largely inside Russia. And I’d caveat that to an extent because some of these groups can be rather big. And they – because of the nature of the work being online, individuals can operate anywhere in the world. But at least the core of the operation is based in Russia and among Russian-speaking users.

GROSS: Let me reintroduce you if you’re just joining us. My guest is New York Times investigative reporter Michael Schwirtz. We’ll talk more about ransomware attacks after a break. This is FRESH AIR.


GROSS: This is FRESH AIR. Let’s get back to my interview with New York Times investigative reporter Michael Schwirtz about ransomware attacks and how the attackers operate. So REvil and DarkSide are based in Russia, as are many other cybercriminal gangs. Why is Russia such a hub for cybercriminals?

SCHWIRTZ: There are a number of reasons for this. First, you know, the education system that focuses on math and science is very, very robust. But there are countries with robust, you know, computer science cultures all around the world. And I think what sets Russia apart and what makes the country a greenhouse for this type of activity – to use the term one cybersecurity researcher used with me – is that the government at best turns a blind eye to these sorts of activities and at worst co-ops and uses these groups as part of a broader, geopolitical strategy meant to undermine Western countries.

GROSS: How do they get away with it in Russia?

SCHWIRTZ: There’s a simple answer – there’s a simple and more complicated answer to that. The simple answer is that the Russian government has, basically, taken the stance that if none of these individuals are attacking Russian interests, so companies inside of Russia, then they can’t be prosecuted under Russian laws. Russian law, according to the Kremlin, according to Vladimir Putin himself, does not have a provision for prosecuting individuals for carrying out ransom attacks against American companies. And so as long as these groups avoid attacking companies within Russia – and often, these groups will have rules prohibiting attacks against companies not only in Russia but also in the former Soviet Union at large. They are able to do so with impunity, which makes this problem very pernicious and difficult to snuff out if you’re coming at it from a law enforcement perspective.

GROSS: With so many Russian cybergangs attacking computer systems in America and other places around the world, do we know if Russian intelligence is cooperating with them, helping them in any way, and if Putin sees this as a kind of way of flexing his muscles without having any fingerprints on it?

SCHWIRTZ: And there’s a number of different ways that I think the Russian government and the intelligence services are involved. I don’t think that every single attack has a Russian intelligence or law enforcement angle to it. But there is evidence that Russian intelligence services have co-opted cybercriminals to engage in intelligence. You know, it just too good of an opportunity to explore the computer systems of your enemies if you’ve already got a robust industry of individuals breaking into systems.

So what seems to occur on occasion is that the intelligence services will make relationships with these cyber criminals and ask them, say, you know, they’ll make a deal and say, you know, let’s say we’ll let you continue to engage in these sorts of operations and make money. But if you come across any sort of computer systems that might interest us, if you break into any government computer systems that might possess intelligence that could be used for national security purposes, you need to let us know.

Now, there are also more direct use of cybersecurity infrastructure by the intelligence services. We’ve seen cases – there was one case from a few years ago where the operator of a very large botnet, which is a network of infected computers, started running searches that appeared to indicate a hunt for actionable intelligence. There were searches for information about a weapons deal between the United States and Turkey. There were searches for information about the situation, the war going on in Ukraine.

And this fell so far outside of the normal operations of this infected network, which was generally focused on stealing banking credentials, that most security researchers and intelligence officials in the United States and elsewhere assumed that this was the Russian intelligence services basically coopting an infected network to engage in intelligence gathering.

GROSS: President Biden is meeting with Putin next week. Do you assume that ransomware is going to come up in the conversation?

SCHWIRTZ: It’s definitely going to come up in the conversation. I think the Biden administration has made that clear. The real question is what the United States can do about it. The United States has leveled sanctions against Russian entities for involvement in cyberattacks carried out by the Russian intelligence services. And these would be overt attacks, you know, presumably ordered at the highest level of government to, in fact, the government computer systems. And the SolarWinds attack recently, which was recently revealed, comes to mind as part of that.

But these ransomware attacks fall into this sort of strange area where the Biden administration and Western governments in general have to be a bit more creative because normally, this would be a law enforcement issue. And if Russia were an ally, the FBI could meet with the FSB, which is Russia’s version of the FBI, and hash out a plan for going after these groups. But that’s an impossible thing to do when the Russian government is, at very best, turning a blind eye to these groups, but often protecting them.

GROSS: So these cybergangs, this ransomware, this is like criminal activity. Even if the Russian intelligence is collaborating with them in some way, it’s not official. And I don’t know if the U.S. could prove that Russian intelligence is working with them at all. So can Biden use something like the military Cyber Command to go after the ransomware attackers, or would that be considered an inappropriate use of the military because it’s a criminal action?

SCHWIRTZ: Right. This is the sort of gray area that we find ourselves in. I think the administration is pretty reticent to use the military, like you said, to be – for involvement in what is generally considered a law enforcement issue. I think it’s no surprise to see that it was the FBI that was involved in extracting these Bitcoins from the DarkSide affiliate’s wallet and not some other entity within the U.S. government. It’s a very difficult thing to unleash the U.S. military, even in the realm of cyber, on the citizens of a country with which you share an adversarial relationship or anywhere, right?

The potential for escalation is just unknown. And I think the administration is rightly treading carefully. And there just isn’t a playbook for dealing with this. And part of that reason is because, you know, there’s a hazy line between criminality, pure criminality and, you know, Russian-government-sanctioned actions that the administration and I think everyone is trying to figure out in this world of cybercriminality.

GROSS: Well, Michael Schwirtz, I want to thank you so much for talking with us.

SCHWIRTZ: I really appreciate it. It’s been an honor. Thank you.

GROSS: Michael Schwirtz is an investigative reporter for The New York Times. If you’d like to catch up on FRESH AIR interviews you missed, like this week’s interview with Rita Moreno about the ethnic stereotyping and sexual harassment she faced in Hollywood and her tumultuous relationship with Marlon Brando, check out our website. You’ll find lots of FRESH AIR interviews.


GROSS: FRESH AIR’s executive producer is Danny Miller. Our technical director and engineer is Audrey Bentham. Our interviews and reviews are produced and edited by Amy Salit, Phyllis Myers, Sam Briger, Lauren Krenzel, Heidi Saman, Therese Madden, Ann Marie Baldonado, Thea Chaloner, Seth Kelley, Kayla Lattimore and Joe Wolfram.


0 Comentarios

Continue Reading
Click to comment

Deja un comentario


6 personas que podrían haber escrito las cartas de Circleville



6 personas que podrían haber escrito las cartas de Circleville

A finales de los 70, alguien comenzó a aterrorizar a la pequeña ciudad de Circleville, Ohio, difundiendo chismes y revelando los secretos sexuales de la gente del pueblo a través del correo. Era muy análogo Chica chismosa, pero con divorcio, asesinato y encarcelamiento falso. La identidad del escritor de Circleville es uno de los misterios más extraños de la verdadera historia del crimen. Comenzó en 1976 cuando la gente de Circleville comenzó a recibir cartas que contenían información sobre sus vidas personales. Muchas de estas cartas eran sobre la vida sexual privada de los destinatarios. Las cartas tenían matasellos de Columbus, Ohio.

El destinatario de la primera carta fue Mary Gillispie, una conductora de autobús local que fue acusada en varias cartas de tener una aventura con el superintendente de la escuela local, Gordon Massie. En ese momento, Mary dijo que la aventura nunca tuvo lugar. El autor de la carta dijo que estaban «vigilando» la casa de Mary y sus hijos y le dijo que detuviera la aventura. Más tarde, el esposo de Mary, Ron Gillispie, también recibió una carta que decía que Mary estaba en peligro si no podía detener su aventura. Otra carta decía que el escritor mataría a Ron a menos que Ron le contara a la junta escolar sobre el asunto. Una de las cartas de Ron decía: “Gillispie, has tenido 2 semanas y no has hecho nada. Hágale admitir la verdad e informe a la junta escolar. Si no, lo transmitiré en CB, carteles, letreros y vallas publicitarias, hasta que salga la verdad «.

Un ejemplo de una de las letras de Circleville.

Desde el principio, Mary tuvo la sospecha de que un compañero conductor de autobús llamado David Longberry era el redactor de la carta. Mary había rechazado románticamente a David anteriormente y él todavía actuaba con resentimiento hacia ella.

Mary y Ron Gillispie pidieron ayuda a la hermana de Ron y a su esposo, Karen y Paul Freshour. La hermana de Paul también fue informada de la existencia de las cartas, pero nadie más sabía lo que estaba sucediendo. Las cinco personas decidieron que Paul escribiría a David Longberry una carta propia. En la carta, Paul dijo que sabía que David estaba escribiendo cartas amenazadoras a Mary y Ron. Creyeron que el plan funcionó ya que las cartas dejaron de llegar durante algunas semanas.

El 19 de agosto de 1977, Ron Gillispie recibió una llamada y se enojó. Sacó su arma y les dijo a sus hijos que iba a hablar con la persona que estaba escribiendo las cartas. Unas horas más tarde, Ron Gillispie fue encontrado muerto como resultado de estrellar su camioneta contra un árbol. Antes de morir, había disparado su arma. El informe oficial de la policía del Sheriff Dwight Radcliff dice que murió como resultado de un accidente por conducir ebrio, a pesar de que los amigos y la familia de Ron dijeron que rara vez bebía y que no había bebido ese día.

Después de la muerte de Ron, otros residentes de Circleville comenzaron a recibir cartas en las que se alegaba que el sheriff Dwight Radcliff estaba involucrado en un encubrimiento relacionado con la muerte de Ron Gillispie. El alguacil Dwight Radcliff dijo que al principio pensó que había un juego sucio, sin embargo, la otra persona «involucrada» (desafortunadamente, no hay detalles sobre cómo esta otra persona estuvo involucrada en el accidente o quiénes eran) pasó una prueba de polígrafo y Ron la autopsia mostró un BAC de .16, por lo que pensó que la causa de la muerte fue conducir en estado de ebriedad.

Después de todo esto, resulta que Mary Gillispie estaba tener un romance con Gordon Massie, aunque ella afirma que comenzó después de las cartas.

En febrero de 1983, el autor de la carta había recurrido a colocar letreros inflamatorios alrededor de Circleville, especialmente a lo largo de la ruta del autobús de Mary. Muchas de las señales acusaban a Gordon Massie de violar a la hija de 12 años de Gillispie. Cuando Mary Gillispie detuvo el autobús para derribar uno de los letreros, casi muere. El letrero había sido toscamente con una trampa explosiva para dispararle a quien intentara quitarlo. La policía descubrió que el arma en la trampa explosiva estaba registrada a nombre de Paul Freshour.

Paul Freshour dijo que el arma había sido robada, pero que no había denunciado el robo, por lo que no había pruebas de ello. Se le pidió que realizara muestras de escritura a mano para que su escritura pudiera compararse con las letras de Circleville. La prueba que se le dio no es estándar y lo involucró emulando una de las letras, en lugar de simplemente darle las palabras para escribir con su propia letra. Paul Freshour fue arrestado y juzgado por el intento de asesinato de Mary Gillispie. Durante su juicio, un experto en caligrafía testificó bajo juramento que creía que Paul Freshour era el autor de las cartas de Circleville. Para entonces, Paul estaba divorciado de la cuñada de Mary, Karen, y ambos creían que él también era el escritor.

Carta del escritor de Circleville recibida por Unsolved Mysteries

Paul fue declarado culpable de intento de asesinato y se pensó que también era culpable de escribir todas las cartas. Sin embargo, mientras Pablo estaba en prisión, las cartas siguieron llegando. Paul incluso recibió una carta del escritor de cartas de Circleville que decía: “¿Cuándo vas a creer que no vas a salir de allí? Te lo dije hace dos años. Cuando los configuramos, permanecen configurados. ¿No escuchas nada? ”. Algunas de las cartas fueron enviadas mientras Paul estaba en confinamiento solitario sin ningún acceso al correo. Las cartas también se volvieron más crueles, una acusando al fiscal en el juicio de Paul de haber asesinado a una mujer embarazada.

Paul Freshour fue puesto en libertad condicional en mayo de 1994 después de diez años. Mantiene su inocencia tanto de la escritura de cartas como del intento de asesinato. El misterio apareció en un episodio de Misterios sin resolver después de lo cual el programa recibió su propia carta del escritor de Circleville que decía: Olvídese de Circleville Ohio: No haga nada que lastime al Sheriff Radcliff: Si viene a Ohio, El Sickos pagará: The Circleville Writer.

Lo que es especialmente espeluznante es lo omnipotente que parece el escritor de cartas de Circleville. Sabían los secretos de tanta gente en la ciudad. Algunos de estos secretos son cosas realmente serias por las que la gente mata, si alguna vez has visto un episodio de Archivos forenses. ¿Ese rumor sobre el fiscal en el juicio de Paul Freshour? Resultó ser al menos cierto a medias. Se descubrió que el fiscal, Roger Kline, había tenido un romance con la mujer muerta y era el padre de su hijo por nacer. El Dr. Ray Carroll, que realizó la autopsia de Ron Gillispie, fue denunciado por el escritor de Circleville como pedófilo, en 1993 fue acusado oficialmente de 12 cargos de inmoralidad grave, delitos sexuales, corrupción de un menor, pornografía, obscenidad y exposición indecente.

Entonces, ¿quién fue el escritor de cartas de Circleville?

Hay algunas teorías:

Paul Freshour. Cumplió 10 años de prisión por el intento de asesinato de Mary Gillispie. Murió en 2012 manteniendo su inocencia y que había sido encarcelado falsamente. Puede leer el sitio web de Paul sobre el caso aquí.

Mary Gillispie. Casi parece Mary posee estar en eso. ¿Cómo supo que debía detener el autobús y bajar el letrero que tenía trampa explosiva? Y pudo descubrir que tenía trampas explosivas sin lastimarse. Más tarde se reveló que Mary estaba teniendo un romance con Gordon Massie, y luego su esposo fue asesinado (lo que ella puede o no haber querido que sucediera en ese momento). Sin embargo, algunos de los letreros colocados por el escritor contenían rumores sobre la hija de Mary de 12 años, por lo que es poco probable que ella fuera la escritora.

David Longberry. Esta es la conductora del autobús que Mary Gillispie sospechó inicialmente. En 1999, violó a una niña de 11 años y huyó antes de morir por suicidio.

Karen Freshour. Esposa de Paul y hermana de Ron Gillispie. Su divorcio no fue amistoso y ella tuvo acceso a la pistola de Paul y podría haberlo incriminado.

William Massie. Hijo de Gordon Massie. El primer objetivo de las cartas de Circleville fue Mary Gillispie y el tema de esas cartas era que necesitaba poner fin a su romance con Gordon Massie. Algunas de esas cartas estaban firmadas con una «W», lo que llevó a algunas personas a sospechar del hijo de Gordon Massie, William.

Hombre de El Camino. Un hombre fue visto al costado de la carretera con un El Camino amarillo en el lugar donde Mary Gillispie se detuvo y encontró el letrero de trampa explosiva 20 minutos después. Un hombre con el que estaba saliendo Karen Freshour en ese momento conducía un vehículo similar.

También es posible que más de uno de estos sospechosos, u otros residentes de Circleville, hayan escrito una o algunas de las cartas sin ser el autor original o principal. Quizás una vez que comenzaron las cartas, varias personas aprovecharon la oportunidad para ventilar sus quejas. En ese caso, me sorprende que alguna vez murieran. Nadie ha sabido nada del escritor de cartas de Circleville desde 1993, cuando el Misterios sin resolver segmento transmitido.


0 Comentarios

Continue Reading


¿Por qué son tan importantes las relaciones comerciales?



La verdad es que las relaciones son tan imperativas en los negocios que sin ellas no podrá generar ganancias.

Necesitará entablar relaciones con muchos tipos diferentes de personas. Las relaciones con proveedores, contratistas, empleados, clientes y clientes son parte de la actividad empresarial.

De hecho, algunos argumentarán que las relaciones son uno de sus activos más importantes en su negocio.

Construyen confianza

Las relaciones le dan tiempo para construir y desarrollar la confianza, de modo que pueda llegar a un acuerdo comercial sin preocupaciones. Eso no significa que no sigas celebrando contratos, pero sí significa que tienes cierta seguridad en función de la relación de que el contrato se cumplirá.

Las conexiones sólidas predicen el éxito

Los estudios muestran que las personas que desarrollan conexiones comunitarias y relaciones sólidas tienden a tener una mejor calidad de vida y a tener más éxito que aquellas que no se conectan con los demás.

Manejar las relaciones requiere habilidad

Hay muchos aspectos diferentes de la construcción de relaciones que necesitará utilizar en los negocios. Esto incluye tener la mentalidad adecuada, así como la capacidad de desarrollar procesos y las múltiples habilidades que le permitirán administrar múltiples tipos de relaciones.

Construyen estrategia y liderazgo

Cuando comprenda que las relaciones son parte de la estrategia que utiliza para desarrollar el liderazgo, puede llegar mucho más lejos de lo que pensaba. Principalmente, porque así es como prosperan los humanos. Ya sean relaciones personales o comerciales, son un componente importante en la vida.

Ayudarle a gestionar el riesgo

Cuando construye relaciones antes de hacer negocios con alguien, es una excelente manera de administrar el riesgo. Es menos probable que sufra problemas si ha hecho su debida diligencia y se ha tomado el tiempo para conocer un poco a alguien antes de hacer negocios con ellos.

Las relaciones crean valor

Cuando construye relaciones con su audiencia, puede llegar a conocerlos mejor para poder crear aún más valor para ellos. Obtendrá una visión interna de cuáles son sus problemas para que pueda desarrollar más soluciones y valor para sus clientes.

Las relaciones adecuadas aumentan el conocimiento

Lo crea o no, cuantas más personas conozca y con las que cultive relaciones, más podrá aumentar su conocimiento. Se trata de recursos. No tienes que saberlo todo, puedes rodearte de personas inteligentes a las que puedes acercarte cuando tengas una pregunta. No solo eso, también puede encontrar más personas para subcontratar a quienes confía.

Mejoran las oportunidades de empresas conjuntas

Una forma de ganar más dinero es a través de empresas conjuntas. Las asociaciones a corto plazo en diferentes proyectos para los que ambos ofrecen un conjunto de habilidades en particular pueden ayudar a mejorar su alcance, así como sus ingresos.


0 Comentarios

Continue Reading


El ascenso del juez de la Corte Suprema Brett Kavanaugh continúa fascinando en ‘disidencia’



Fue la credibilidad conservadora de Brett Kavanaugh lo que llevó a Trump a nominar al jurista para la Corte Suprema, lo que resultó en una de las audiencias más dramáticas en la historia reciente del Senado.

Los últimos cuatro años y medio han sido un sueño febril en la política estadounidense.

La administración de Donald Trump estuvo marcada por un caos y un drama sin precedentes, con historias importantes que se desplazaban unas a otras fuera de las noticias a diario.

Disentimiento: la radicalización del Partido Republicano y su toma de la Corte, por Jackie Calmes

Pero un evento importante, las audiencias de confirmación del ahora juez de la Corte Suprema Brett Kavanaugh, todavía permanece en la mente de los estadounidenses en todo el espectro político.

La ascensión de Kavanaugh al tribunal más alto de la nación es el tema de Disentimiento, el nuevo libro de Los Angeles Times La editora de la Casa Blanca, Jackie Calmes. No es el primer libro que aborda el surgimiento de la controvertida justicia: Ruth Marcus lo hizo en Ambición suprema, al igual que Robin Pogrebin y Kate Kelly en La educación de Brett Kavanaugh – pero es una mirada fascinante no solo a la vida y carrera de Kavanaugh, sino también al exitoso plan a largo plazo del movimiento conservador estadounidense para mover la Corte Suprema hacia la derecha. Como lo describe Calmes, este fue «un sueño de cuarenta años, tomar el control del tribunal más alto de la nación con una mayoría indiscutiblemente conservadora».

Calmes rastrea la infancia de Kavanaugh en el área de Washington, DC, donde creció como hijo de un abogado y un cabildero. El joven Kavanaugh asistió a Georgetown Prep, una escuela secundaria para niños conocida por «deportes y fiestas» y que también tenía un «lado más oscuro», escribe Calmes: «[A]t Se celebró la preparación de un machismo chovinista. Después de un fin de semana de mal comportamiento, los chicos no tendrían que enfrentarse sobriamente a las chicas ofendidas en los pasillos y las clases «.

Kavanaugh obtuvo sus títulos universitarios y de derecho en Yale y obtuvo su buena fe conservadora al principio de su carrera como abogado, haciendo una pasantía para Ken Starr, entonces procurador general del presidente George HW Bush. Más tarde sería coautor del famoso informe gubernamental de Starr sobre la aventura del presidente Bill Clinton con Monica Lewinsky, que conduciría al juicio político del demócrata.

Fue la credibilidad conservadora de Kavanaugh lo que llevó a Trump a nominar al jurista para la Corte Suprema, lo que condujo a una de las audiencias más dramáticas en la historia reciente del Senado. La psicóloga Christine Blasey Ford acusó a Kavanaugh de agredirla brutalmente cuando ambos eran estudiantes de secundaria mientras uno de los amigos del joven miraba; sus afirmaciones sacudieron a la nación, con un pasaje de su testimonio – «Indeleble en el hipocampo es la risa – la risa estruendosa entre los dos – y su diversión a mis expensas» – resonando entre los sobrevivientes de agresión sexual.

Calmes escribe sobre la decisión de Ford de presentarse con verdadera sensibilidad y justicia, y habla con numerosas fuentes sobre las experiencias de los psicólogos: Calmes es una reportera de primer nivel y sus habilidades se muestran aquí. Su crónica de la audiencia de Kavanaugh, en la que Ford presentó sus reclamos contra Kavanaugh, es fascinante. Ella captura bellamente la apariencia dramática de Ford: «En un momento, se volvió nerviosa hacia los amigos detrás de ella, sonrió y saludó levemente», escribe Calmes. Dándose la vuelta, miró a los senadores, respiró hondo visiblemente y tragó saliva. La tensión era palpable, la de ella y la de todos los demás «.

Kavanaugh, por supuesto, finalmente sería confirmado, después de su propio testimonio entre lágrimas en el que negó haber atacado a Ford. Disentimiento termina con una mirada al breve mandato de Kavanaugh en la Corte Suprema, que Calmes considera cuidadosamente y con verdadera perspicacia. Al señalar que algunos conservadores se han sentido decepcionados con el presidente del Tribunal Supremo, John Roberts, Calmes escribe: «Sin embargo, Kavanaugh no decepcionó a los conservadores: se situó en el lado ‘correcto’ en las decisiones sobre el aborto, los soñadores y los derechos de los homosexuales, y señaló su entusiasmo por expandirse derechos de armas «.

Intercalados a lo largo del libro está la mirada de Calmes a los factores que hicieron posible la confirmación de Kavanaugh, y la composición actual de la Corte Suprema, que claramente favorece a los conservadores. Los republicanos estaban decididos a llenar la corte incluso antes de que el Senado recientemente controlado por los demócratas bloqueara la nominación de Robert Bork por parte del presidente Ronald Reagan a la corte en 1987, escribe Calmes. Bork fue mentor de los fundadores de la Federalist Society, un grupo constitucional originalista cuya influencia en la derecha estadounidense es parcialmente responsable de la inclinación de derecha de la corte actual; La mirada de Calmes a la historia del grupo es cautivadora.

Disentimiento es un notable trabajo de reportaje. Calmes no solo proporciona un relato detallado y bien investigado de la vida, la carrera y el ascenso de Kavanaugh para convertirse en uno de los nueve jueces más influyentes del país, sino que ofrece un contexto fascinante de los factores detrás de esto. Escribe con elegancia, pero sin adornos, resistiendo el impulso de editorializar o hacer grandes pronunciamientos, y el libro es mejor para eso: es un retrato fascinante de un momento particular en el tiempo y de la época que encarna.

El periodismo en la era de Trump ha sido una empresa infinitamente tensa; El libro de Calmes es una clase magistral sobre cómo hacerlo bien.


0 Comentarios

Continue Reading


¿Búscas empleo?


Lo más visto