Untitled Document

Your Place For
Insurance Resources

A Premier Texas Insurance Agency Since 1913


Diary of a hacker

Posted on Mar 26, 2015 by: Zach West

Bookmark and Share

The following is a fictional online public record created to document the process and parties involved in the life cycle of a cyber attack.


Bots reporting in

By Chen from Guangzhou, China

(Translated) Our most recent group of bots, which we have spent nearly eight months perfecting, have returned very promising information regarding North American and European servers. They identified possible vulnerabilities at 366,203 access points. 73% of these servers are located in the United States. 88% are owned by companies with less than one hundred registered employees. 27% are owned by educational institutions, and 22% are owned by companies associated with the healthcare industry. Based on our own criteria for effective server firewalls, as well as an analysis of the capabilities of our clients, we estimate that 95% of these servers can be reliably breached by our clients. Now that we have acquired these leads, they will be divided based on region and interest and sold to our various clients via a bidding process.


Viable targets identified

By Kyong from Seoul, South Korea

(Translated) Yesterday, we received a group of one hundred leads from our partners in China. We have spent the last twenty-four hours investigating each lead and weighing potential gains against difficulty in breaching server defenses. That analysis has yielded five optimum targets:

  • Fairview Family Clinic, Dayton, Ohio, United States
  • Cook & Juniper Law Offices, London, England
  • Pinto Ranch Baptist Church, Katy, Texas
  • St. Aaron High School, Seattle, Washington, United States
  • Hauptland Gymnasium, Berlin, Germany

Each target is predicted to have a sufficient amount of sensitive information on its servers to justify a determined breach attempt. Additionally, as promised by our Chinese partners, each target has significant vulnerabilities in its server defenses.


Servers breached

By Kyong from Seoul, South Korea

(Translated) Breaches into the Texas church and Berlin school are still in progress, and we expect to defeat their firewalls shortly. We have successfully breached the Seattle school, London law office, and Ohio healthcare clinic. From these targets, in total, we have extracted:

  • 26,115 social security numbers (U.S. only)
  • 19,883 medical insurance policy numbers
  • 38,593 complete records of full name, date of birth, and physical address
  • 31,440 personal email addresses
  • 36,916 sets of credit card information
  • 725,023 archived emails

One hour ago, I began reaching out to our customers in the United States and England. Our shop plans to sell the social security numbers and complete personal records at the market price of five U.S. dollars per record. We will package insurance policy numbers with the matching social security number and billing information for an extra five U.S. dollars per record. For the credit card information, we will ask for one U.S. dollar per record.


It’s been a great month so far

By Gary from Los Angeles, California

Those Koreans work wonders. I talked them down to $8 USD per medical record, including policy numbers, and bought 1,000 of them. Today I’ll get my team started on filing claims with carriers, and if we do good work, we should pay off our investment at least five-fold.

I also bought 8,000 credit card numbers. I’ll probably drop them off at my buddy’s shop in La Jolla. We got them for a dollar per number, so we’ll sell them at two dollars per and net eight grand. Not bad for a day’s work.