Insurance Giant Struck by Ransomware Attack

Posted by - June 30, 2021

The Rise in Cybercrime and Cyber Insurance

Over the past year, we have profiled major cyberattacks to raise awareness about the surge in cybercrime after 2020. Businesses continue to struggle with balancing remote work and the need for stronger security measures. Some companies, unwilling or unable to invest in structural security improvements, choose to take out cyber insurance policies instead.

How Cyber Insurance Aims to Help

Cyber insurance, also known as “cyber-liability insurance,” helps companies recover from cyber threats and attacks. A policy reduces disruptions and downtime during an incident and helps absorb the financial costs of dealing with and recovering from a cyberattack. But what happens when a leading cyber insurance provider becomes the target?

CNA Hit by a Major Cyberattack

CNA, a well-known insurance company, offers a range of insurance solutions, including cyber insurance policies that protect against ransomware attacks. In a public statement, CNA confirmed that “on March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack” and that “the attack caused a network disruption and impacted certain CNA systems, including corporate email.”

The hacking group known as Phoenix encrypted data on over 15,000 CNA devices, potentially compromising sensitive client information. While CNA is working with the FBI to mitigate the fallout, this attack could signal the start of a ‘second wave’ of cyberattacks.

Why This Attack Matters

This breach raises a critical concern: cybercriminals now see cyber-insured organizations as prime targets. While cyber insurance is designed to counter cyber threats, threat actors recognize that insured organizations are more likely to pay ransom demands.

If Phoenix accessed CNA’s client data, the organizations that purchased cyber insurance may become future targets. This attack highlights the evolving strategies of cybercriminals and the increasing risks companies face.

Steps to Protect Your Business

If your organization has purchased cyber insurance through CNA, take these steps to protect yourself:

  • Acknowledge that your risk of attack has increased.
  • Monitor the news for updates on compromised information.
  • Strengthen your business’s cybersecurity measures beyond just insurance.

If you need help identifying vulnerabilities in your business’s security, reach out to us at info@optfinity.com for more information.

Leave a Reply

Your email address will not be published. Required fields are marked *