Net extortion is big business
INC Ransom, the group behind the theft of NHS patients’ medical data, has targeted dozens of other groups since it formed last August.
Most of the group’s 65 attacks have been against American institutions including universities, private health clinics, law firms and even trade unions.
North America University, the New York School of Interior Design and care firm Abbeyfield are among those who have been compromised by the group.
A government body, the US Federal Labor Relations Authority, was targeted and refused to pay the ransom so hackers published the stolen data online.
On April 4, the crooks went after Leicester City Council and hacked its data.
Similar to the NHS
Dumfries and Galloway attack on March 15, the hackers published proof of their crimes on their dark web extortion site.
Documents relating to residents were posted to authenticate the hack and a ransom has been demanded but has so far not been paid.
Experts have said that as public organisations have a strict policy of not giving in to ransom demands the hackers would be aware of this and may have taken data as a way of trying to damage organisations’ reputations.
INC Ransom’s focus on US and UK targets has led to speculation that they are being controlled by a foreign state although no evidence has been found to show who is behind the group.