INC Ransom hackers have been busy lately, managing to breach several high-profile organizations. The latest one is Hands from Canada, a family-oriented business, dealing with caregiver services and child and adult assistance.
At the time of writing this article, Hands’s website displayed the message “Hands is currently experiencing technical difficulties”
INC Ransom didn’t expand on the event other than providing a short summary of the victim
INC Ransom hackers have been increasingly active over the past several months
According to an FBI report, corroborated by other law enforcement agencies, INC Ransom has over 250 confirmed victims so far
The cybercriminal organization first appeared in March of 2023 but expanded fast. Faster than anyone would’ve expected. Not only did they start attacking high-profile organizations, but they also operated at high levels.
The gang would always conduct operations, sometimes breaching 3-4 targets at the same time. This level of activity and expertise is abnormal for a rookie ransomware group, some experts have pointed out.
This is why the current theory is that INC Ransom comprises veteran hackers with a lot of experience in the field. But where did they get their experience from? Fortunately, there’s one theory that appears to be more than a theory.
Recently, INC Ransom has put up a new extortion website, where they list 64 victims currently. The peculiar thing is that the website’s design resembles that of another cybercriminal gang, Hunters International.
This may either suggest an affiliation between the 2 or the fact that INC Ransom is fond of the latter. It’s rather normal for various cybercriminal gangs to draw inspiration and support one another.
If the answer would’ve been clear and intuitive, nobody would’ve worried about any ransomware organizations ever. But it’s not. Prevention is the best method to deal with potential ransomware attacks, as good defenses minimize the risk of unwanted breaches.
Except that the keyword here is “minimize”. Not “eliminate.” This means that if a given ransomware gang targets you, it’s only a matter of time before they find a way. Especially if it’s a high-profile organization like INC Ransom.
So, how can you then deal with ransomware attacks? The standard approach, that all cybersecurity experts recommend, is the no-negotiation policy. Do not contact the hackers, do not negotiate, and do not pay the ransom.
Paying the ransom doesn’t guarantee anything aside from getting the decryption key. As to the stolen data, the hackers will use it as they please, no matter what they tell you.
Research shows that many ransomware gangs either sell the data, keep it, or share it with other ransomware actors even after the ransom is paid. Plus, giving in to the hackers’ demands marks you as a target for more future attacks.
Getting breached by a ransomware gang is pretty much a lose-lose situation, no matter how you decide to act. But some approaches are better than others. Until the unfortunate happens, keep in mind that prevention still remains the best tool you have right now.
We believe security online security matters and its our mission to make it a safer place.