The INC Ransom hackers announced another high-profile breach against a US-based company. The attackers posted the news on their public website and gave the victim several days to contact them for negotiations.
Unlike typical ransomware gangs, INC Ransom is more versatile in its approach. The group advertises itself as a service provider. As they put it, the hackers are simply cybersecurity experts who provide services in the field.
They identify vulnerabilities in their ‘clients’ systems, use them to breach the target corporations and exfiltrate the data to showcase the problem. They then require remuneration for their efforts, which everybody else calls ransom.
While this isn’t a unique approach, it’s definitely not exactly common either.
The gang uses the double-extortion practice to force their victims into submission. They keep the stolen data and use it as leverage in an attempt to extort the victim of money. The hackers are known to demand quite hefty ransoms in exchange for the deletion of the data.
Which, as experts claim, doesn’t happen anyway. The perpetrators will rather keep the data or share it with other cybercriminal gangs. Especially since the victim has no way of verifying that they won’t.
This is the main reason why you shouldn’t pay the ransom. And it’s not the only one.
Your system has been encrypted and you can no longer access your personal or work-related files. This is an uncomfortable scenario that becomes nightmarish when the victim in question is a high-profile business with several employees and multiple clients.
In that case, the data leak may impact a lot more people than the business owner alone. This is why companies that experience these types of breaches usually have legal problems shortly. It’s no wonder that so many ‘forget’ to report the breach.
So, what should you do if you find yourself at the mercy of some shady ransomware actor? The standard advice is the same, no matter whether you’re a private individual or a corporation: do not negotiate with the hackers. Do not pay the ransom!
Paying the ransom does nothing for you except make you lose money and get the decryption key. The latter is most likely worth it, but it’s not something you can’t handle yourself with a bit of professional assistance.
As to the stolen data, consider it leaked, no matter the guarantees that the hackers will provide you. The experts explain that the hackers usually keep the data for themselves or share it with other equally shady actors.
The best approach is the no-negotiation policy. Take the hit, boost your cyber-defenses, and make sure it doesn’t happen again.
We believe security online security matters and its our mission to make it a safer place.