CNA Insurance Firm Paid $40m in Ransom

  • By Dawna M. Roberts
  • Jun 10, 2021

U.S. insurance giant CNA Financial recently paid hackers $40 million to release their systems from ransomware. The cyberattack occurred in late March. 

What Happened?

Bloomberg first reported on the story, and then the New York Post picked it up. CNA suffered a massive cyberattack that locked the company out of its systems for two weeks, at which point it finally decided to pay the ransom to get its data back.

No one at CNA commented on the attack. However, the company did share details about the incident with the FBI and the Treasury Department’s Office of Foreign Assets Control, despite warnings that companies that pay ransom could face government sanctions for doing so.

The New York Post said:

‘“CNA followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter,” the spokeswoman, Cara McCall, told Bloomberg.’

Experts note that $40 million was the largest ransom paid to date. The insurance conglomerate believes that a hacker group called Phoenix is responsible for the attack. CNA offers cybersecurity insurance to its clients, which is probably why it was targeted. Hacker gangs often target those with deep pockets. In this case, instead of targeting a CNA customer, they went straight to the source.

What Does the FBI Say?

The FBI has a protocol of advising victims not to pay. However, companies like Colonial Pipeline and CNA felt compelled to pay in order to release their systems and get their businesses back online. The impact of the Colonial Pipeline attack was felt up and down the entire East Coast, with fuel shortages and skyrocketing prices. In the end, Colonial paid the DarkSide hacker gang a $4.4 million ransom to restore its systems.

According to the New York Post, “The FBI says that paying ransom creates incentives for more attacks and supports criminal gangs.”

Ransomware attacks have become a massive problem for companies and government agencies, but they are a highly profitable way of life for hackers. Studies show that ransomware payments have gone up by 311% since last year, for a total of $350 million!

What Can Companies Do to Stay Safe?

Recently, the U.S. formed a cybersecurity task force designed to respond to the growing problem of ransomware in this country. The group created an 81-page report outlining some guidelines for the public and private sectors as well as suggestions for government agencies. The report, prepared by the Institute for Security and Technology, was provided to the Biden administration a few days before Colonial Pipeline was hit.

Some of the highlights of this report are:

  • Coordinating information between various international and local law enforcement agencies to deal with attacks swiftly.

  • Requiring careful consideration before paying any ransom.

  • An aggressive stance against ransomware by the U.S. 

  • Ransomware relief funds.

  • Laws governing cryptocurrency. 

Some things companies can do to secure their systems against ransomware are: 

  • Hire forensic experts to audit their systems and implement upgrades.

  • Install 24/7 network monitoring software.

  • Enforce best practices in all areas of IT, especially user passwords and device management.

  • Implement a zero-trust policy.

  • Use long, strong passwords and require password resets routinely.

  • Install antivirus/anti-malware software on all devices.

  • Train employees on phishing and social engineering tactics.

  • Never click links in email or download attachments.

  • Disable software installation except from trusted sources.

  • Consult the task force report and follow the guidelines on how to better secure network systems and personnel. 

  • Update firmware, software, and all apps regularly with the latest security patches. 

  • Stay on top of emerging threats and ways to combat them.
