Paying a ransom doesn’t guarantee you or your organization will get any data back. “The FBI does not support paying a ransom in response to a ransomware attack. The FBI’s stance on paying extortion demands under a ransomware attack is clear. See Also: Global Task Force Seeks To Curb the Ransomware Menace, Here’s What They’re Proposing Ransomware Payout Paris-based cyber insurance provider and the world’s third-largest insurance company AXA also suffered a ransomware attack last week, ironically only days after the company said it would not cover damages from cyber attacks. They also deployed endpoint detection and monitoring tools throughout the CNA environment and multi-factor authentication.
#Ransomwhere max update
However, the company said in their latest progress update that their investigations are ongoing.ĬNA Financials later restored customer services as well as internal email communication for employees with help from forensic experts. “We do not believe that the Systems of Record, claims systems, or underwriting systems, where the majority of policyholder data – including policy terms and coverage limits – is stored, were impacted,” claimed CNA. Ransomware gangs prefer to go after cyber-insured organizations since those are the ones more likely to pay up. If they did steal customer data, not only would it prove to be detrimental for CNA, but also for the policyholders (including organizations) whose insurance information, which may include cyber insurance, may be used to perpetrate additional attacks. The company remained mum on whether any customer data was stolen but said they would directly notify policyholders and insureds in case they were affected.
The impact was quite significant since it disrupted normal service for up to three days. Ransomware Attack on CNA FinancialĬNA on March 21 disclosed that it had fallen victim to “a sophisticated cybersecurity attack” which caused a network disruption and impacted certain CNA systems. The news of the payout comes weeks after the Colonial Pipeline hack earlier this month, which crippled gas supply to the U.S. Bloomberg’s sources implied that CNA’s payout was decided after negotiations between the company and the ransomware gang, meaning the original demand was possibly much higher. The revelation came from two people familiar with the attack, who disclosed to Bloomberg that CNA settled with the extortionists two weeks after the attack. The company’s $40 million payout was released a couple of weeks after the attack in March by a ransomware group using Phoenix Locker, a variant of the Hades ransomware strain developed by the Russia-based Evil Corp. Read on to understand how the notorious Evil Corp group may possibly be behind the attack.ĬNA Financial, the seventh-largest commercial insurer in the United States, forked out an astonishing amount of money to unlock its network and ensure data (if stolen) is returned following a grave ransomware attack. Chicago, IL-based insurance provider CNA Financial paid $40 million to ransomware attackers, four times the highest ransom payout of 2020.