- Ransomware gang infects insurance company, but DOESN’T install ransomware. Instead it steals information about insurance company’s clients, learns which have cyberinsurance, and how much insurance cover they have.
- Gang takes list of insured companies and goes through it – it’s a rolodex of ransomware – infecting each one with ransomware. They tell the victims that they know how much cyberinsurance they have, and suggest they pay up quick.
- Once gang has gone through the entire list, it goes back to where it began – with the original hacked insurance company, and installs its ransomware there too.
- Gang finds a new insurance company to hack, and so it continues…
By the way, ransomware gangs are already doing this…
