Ransomware Attack by Incransom Group Hits Planar Systems Inc.
Incident Date:
June 25, 2024
Overview
Title
Ransomware Attack by Incransom Group Hits Planar Systems Inc.
Victim
Planar Systems Inc.
Attacker
Inc Ransom
Location
First Reported
June 25, 2024
Ransomware Attack on Planar Systems Inc. by INC Ransom Group
Overview of Planar Systems Inc.
Planar Systems Inc., headquartered in Beaverton, Oregon, is a leading provider of digital display solutions. Founded in 1983, the company has established itself as a pioneer in the display technology industry. Planar's product portfolio includes high-resolution LED video walls, LCD video walls, large format LCD displays, interactive touch screen displays, and transparent OLED displays. These products are designed to meet the needs of various industries, including retail, corporate, education, healthcare, and more.
Planar is known for its commitment to innovation and quality, with products that deliver superior image quality, reliability, and performance. Their seamless video walls and interactive touch screen displays are particularly notable, providing virtually bezel-less viewing experiences and advanced touch technology for enhanced user engagement and collaboration.
Details of the Ransomware Attack
Planar Systems Inc. has recently fallen victim to a ransomware attack orchestrated by the notorious INC Ransom group. The attack was publicly claimed by the group on their dark web leak site, where they threatened to release stolen data if their ransom demands are not met. The exact details of the ransom demand and the extent of the data breach have not been disclosed by Planar Systems Inc. as of now.
The attack highlights the vulnerabilities that even well-established companies like Planar face in the current cyber threat landscape. Given Planar's extensive use of digital and interactive display technologies, the potential impact of such an attack could be significant, affecting their operations and customer trust.
Profile of the INC Ransom Group
The ransomware group is a highly sophisticated cybercriminal organization known for its targeted ransomware attacks on corporate and organizational networks. Active since 2023, the group employs advanced techniques such as spear-phishing campaigns and exploiting known vulnerabilities like CVE-2023-3519 in Citrix NetScaler. They use both Commercial Off-The-Shelf (COTS) software and legitimate system tools for reconnaissance and lateral movement within a network.
Incransom's modus operandi involves not only encrypting data but also stealing it and threatening to release it publicly, a tactic known as double extortion. This approach increases pressure on victims to comply with ransom demands. The group has targeted various industries, including healthcare, education, government entities, and technology companies, making them a significant threat in the cybersecurity landscape.
Potential Vulnerabilities and Attack Vectors
While the specific vulnerabilities exploited in the attack on Planar Systems Inc. have not been disclosed, it is likely that the Incransom group used a combination of spear-phishing and exploiting known software vulnerabilities. Given Planar's reliance on advanced display technologies and digital solutions, any weaknesses in their network security or software could have been potential entry points for the attackers.
Organizations like Planar, which operate in technology-intensive sectors, must remain vigilant and continuously update their cybersecurity measures to defend against such sophisticated threats. The attack on Planar Systems Inc. serves as a stark reminder of the evolving nature of cyber threats and the importance of robust cybersecurity practices.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.