INC RANSOM is responsible for yet another ransomware attack, this time on the New York School of Interior Design. This recent attack follows a string of hits attributed to INC RANSOM, a relatively new hacking group.
The recent attack shows that INC RANSOM doesn’t shy away from targeting both private companies and public institutions. The outcome is always the same: the group encrypts the sensible data and blackmails the victim to obtain the ransom.
As is the case with most ransomware attacks, the group offered the victim two solutions to the problem: pay up or have the data leaked publicly. It’s still unclear if the target caved in and paid the ransom or not.
The attack on the New York School of Interior Design exploited the institution’s vulnerabilities with extreme effectiveness. The school’s representatives received a note stating that they had 72 hours at their disposal to contact the attackers.
In exchange of paying the ransom, INC RANSOM would guarantee:
We believe security online security matters and its our mission to make it a safer place.
INC RANSOM doesn’t appear to have any clear connection to any of the existent cyber-threat actors. Nothing links INC RANSOM to any political or ideological affiliation either. The organization is seemingly only interested in financial gains.
Given that INC RANSOM relies on very complex and aggressive attack patterns, prevention remains the best method of protection. One of the most common infiltration methods relies on spear-phishing emails, as well as via known network vulnerabilities.
The infection takes effect fast, encrypting important data and restricting access to core network functionalities. The outcome is even more severe in the case of a public institution that cannot afford to go offline for too long.
This is one of the reasons why INC RANSOM targets high-profile institutions. Their only realistic option is to pay up and work on their defenses afterwards. Currently, efforts are being made to unveil INC RANSOM’s true identity and motives.