CNA Insurance Firm Paid $40m in Ransom

Posted on by Dawna M. Roberts in News June 10, 2021
https://content.infopay.net/storage/thumbnails/k27dAcv6vjBGQ8N7pcKTQH8JqAdmWQIRa44PqzX1.jpg

U.S. insurance giant CNA Financial recently paid hackers $40 million to release their systems from ransomware. The cyberattack occurred in late March. 

What Happened?

CNA Insurance Ransom of $40 Million

Bloomberg first reported on the story, and then the New York Post picked it up. CNA suffered a massive cyberattack that locked them out of their systems for two weeks when they finally decided to pay the ransom to get their data back. 

No one at CNA commented on the attack. However, they did share details about the incident with the FBI and Treasury Department’s Office of Foreign Assets Control despite warnings that companies who pay ransom could face government sanctions for doing so. 

The New York Post said:

‘“CNA followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter,” the spokeswoman, Cara McCall, told Bloomberg.’

Experts note that $40 million was the most enormous ransom paid to date. The insurance conglomerate believes that a hacker group called Phoenix is responsible for the issue. CNA offers cybersecurity insurance to its clients, which is why it was probably a victim. Hacker gangs often target those with deep pockets. In this case, instead of targeting a CNA customer, they went straight to the source. 

What Does the FBI Say?

The FBI has a protocol of advising victims not to pay. However, companies like Colonial Pipeline and CNA felt compelled to take action to release their systems to get their businesses back online. The impact of the Colonial Pipeline attack was felt up and down the entire East coast with fuel shortages and skyrocketing prices. In the end, Colonial paid the DarkSide hacker gang a $4.4 million ransom to restore their systems. 

According to the New York Post “The FBI says that paying ransom creates incentives for more attacks and supports criminal gangs.”

Ransomware has become a massive problem for companies and government agencies, but it is a most profitable way of life for hackers. Studies show that ransomware payments went up by 311% since last year for a total of $350 million!

What Can Companies Do to Stay Safe?

Recently the U.S. formed a cybersecurity task force designed to respond to the growing problem of ransomware in this country. The group created an 81-page report outlining some guidelines for the public and private sector as well as suggestions for government agencies. The report, prepared by the Institute for Security and Technology, was provided to the Biden administration a few days before Colonial Pipeline was hit. 

Some of the highlights of this report are:

  • Coordinating information between various international and local law enforcement agencies to deal with attacks swiftly.

  • Require careful consideration before paying any ransom.

  • An aggressive stance against ransomware by the U.S. 

  • Ransomware relief funds.

  • Laws governing cryptocurrency. 

Some things companies can do to secure their systems against ransomware are: 

  • Hire forensic experts to audit their systems and implement upgrades.

  • Install 24/7 network monitoring software.

  • Force best practices in all areas of IT, especially user passwords and device management. 

  • Implement a zero-trust policy.

  • Use long, strong passwords and force password resets routinely.

  • Install antivirus/anti-malware software on all devices.

  • Train employees on phishing and social engineering tactics.

  • Never click links in email or download attachments.

  • Turn off installing software except from trusted sources.

  • Consult the task force report and follow the guidelines on how to better secure network systems and personnel. 

  • Update firmware, software, and all apps regularly with the latest security patches. 

  • Stay on top of emerging threats and ways to combat them.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

FREE IDENTITY THREAT SCAN
Scan Your Records for Breaches, Leaks & Exposures!