💥 The ransomware vs insurance company playbook 💥

1. Ransomware gang infects insurance company, but DOESN'T install ransomware. Instead it steals information about insurance company's clients, learns which have cyberinsurance, and how much insurance cover they have.

2. Gang takes list of insured companies and goes through it - it's a rolodex of ransomware - infecting each one with ransomware. They tell the victims that they know how much cyberinsurance they have, and suggest they pay up PDQ.

3. Once gang has gone through the entire list, it goes back to where it began - with the original hacked insurance company, and installs its ransomware there too.

4. Gang finds a new insurance company to hack, and so it continues...

By the way, ransomware gangs are already doing this...

@gcluley possibly even more effective if they start with a big broker company... adding to the risk model when I'm in the office tomorrow!