Digital Assets: Insurance Major CNA Coughed Up $40M Cyber Ransom In March
Hackers stole valuable data and locked CNA Financial Corp out of its network.
A Bloomberg report revealed today that CAN Financial Corp (NYSE: CAN), one of the largest insurers in the U.S., was forced to pay up $40 million in cyber ransom after criminals mounted a ransomware attack. The company initially rejected the $60 million ransom demand but caved in a couple of weeks later, settling for $40 million.
The FBI frowns upon ransomware payments, saying they encourage further attacks and that there was no guarantee the bad actors would release the victim’s system after payment. However, CNA spokeswoman Cara McCall said: “CNA is not commenting on the ransom. CNA followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter.”
The CNA ransomware
CNA’s investigation found that the hackers were a group called ‘Phoenix’. They used ransomware titled Phoenix Locker, itself a variant of another malware known as ‘Hades.’
A group of Russian cybercriminals dubbed Evil Corp. is said to have created Hades. The U.S. sanctioned 17 individuals and six entities linked to Evil Corp. in December 2019.
Cyberattacks via ransomware have surged sharply in recent times. According to a report “Combating Ransomware” issued by the Institute for Security & Technology (IST), victims paid about $350 million in ransom last year, a 311% increase over 2019.
The gravity of the matter
According to IST ransomware attacks are on the rise because:
- Ransomware criminals operate with near-impunity, based out of jurisdictions that are unable or unwilling to bring them to justice.
- Financial systems such as cryptocurrencies enable attackers to receive funds without being traced.
- The barriers to entry into this highly profitable but criminal activity have become shockingly low.
- The “ransomware as a service” (RaaS) model, allows criminals without technical sophistication to conduct ransomware attacks.
- At the same time, technically knowledgeable criminals are conducting increasingly sophisticated attacks.
Is cyber insurance encouraging ransomware attacks?
Though companies are presumably loath to pay up, and the FBI forbids it, cyber insurance makes it easier to comply with the financial demands of the attackers because the ransom would be covered under the insurance policy.
Besides, all organizations prefer to get their systems up and running at the earliest.
The ransomware gangs know this psychology and probably are homing onto the cyber insured as easy-to-pick prey.
It is significant that victim CNA itself offers cyber insurance, and according to Bloomberg, the cyber culprits made off with “a trove of company data.”
If the stolen data includes customers who have taken out cyber insurance from CNA, they could be under threat.
Further, if these businesses are attacked and forced to pay ransoms, CNA may be on the hook for a lot more than the $40 million it paid the Phoenix gang.
Related Story: Colonial Pipeline Shut Down By Ransomware Attack
Latest Alternative Investment News
Alternative Investments/Digital: State Street Digital, A New Division At State Street, To Focus On Crypto
State Street (NYSE: STT), which has $40.3 trillion in assets under custody or administration, said Thursday it is establishing a new digital finance division called State Street Digital. The new…
United Airlines (NASDAQ: UAL) announced its new corporate venture fund, United Airlines Ventures, on Thursday. The fund’s brief is to invest in emerging companies that could reinvent travel and aviation…
The IMF warned Thursday that El Salvador’s move to adopt bitcoin as a legal currency in parallel with the US dollar could have various economic and legal repercussions. El Salvador’s…
Clip, a Mexican digital payments and commerce platform founded in 2012, announced June 10, its raise of $250 million in a round led by the SoftBank Latin America Fund and…