THE article discusses the rise of the ransomware group INC, which specializes in ransomware-as-a-service (RaaS) and has achieved notable success by targeting vulnerable sectors such as healthcare, where victims face immediate operational pressure to pay ransoms. INC has targeted over 800 victims since its emergence in 2023, benefiting from the collapse of rival groups like ALPHV/BlackCat and LockBit.
The organization employs familiar intrusion tactics, such as spearphishing and exploiting well-known vulnerabilities. It uses double extortion strategies, pushing the urgency for payments from victims by threatening data leaks. Key factors behind INC's effectiveness include aggressive victim selection, rapid scaling of affiliate partnerships, and a focus on established, high-pressure sectors. Recommendations for organizations include implementing robust data backup strategies and enhancing security measures to mitigate risks.