Canadian casinos and mining organizations were the primary targets of financially motivated intrusion operations carried out by a hacking group called FIN10, according to cybersecurity and malware protection company FireEye.The FireEye "FIN10: Anatomy of a Cyber Extortion Operation" report indicated FIN10's primary goal was to steal business data, correspondence, files, records and customer personally identifiable information (PII).In addition, the report showed FIN10 requested ransoms of 100 to 500 bitcoins, valued at between $125,000 and $620,000 as of mid-April 2017, FireEye said in a prepared statement.Initial compromise of network. Establish foothold of network. Perform internal reconnaissance. Complete mission. FIN10's operational success makes it "highly probable" that the hacking group will continue to conduct extortion-based campaigns, FireEye noted.Moreover, FIN10 may look beyond casinos and mining organizations, according to FireEye."While FIN10 has seemingly only targeted organizations within two industry verticals, it is possible the group has previously or will in the future expand their regional and industry-specific targeting," FireEye wrote in its report. "Historically, we have seen this type of threat activity — cyberattacks resulting in the theft or compromise of sensitive data to be leveraged in extortion plots — affect multiple targeted verticals."Confirm that a data breach has occurred before you consider paying a ransom. Consider how a cyberattacker will react to your organization's action or inaction. Validate the scope and severity of a data breach as quickly as possible and beware fatigue and burnout. Understand whether tasks can help you mitigate, detect, respond to or contain a cyberattack. Consider getting legal authorities involved in all communications with cyberattackers. Get forensic, legal and public relations support. Brainstorm potential data breach risks and solutions. Maintain strong segmentation and controls over your backup environment. Implement both tactical and strategic actions after a breach to prevent future cyberattackers from gaining access to sensitive information and systems. Perform penetration testing to validate security controls and address vulnerabilities. Responding to a hacking group like FIN10 can be difficult, FireEye pointed out.However, with the aforementioned incident response engagement tips, organizations may be better equipped than ever before to limit the impact of cyberattacks, according to FireEye.