Reinsurance News

CNA paid $40mn ransom to resolve March cyber attack

21st May 2021 - Author: Charlie Wood

US insurer CNA is reported to have paid a $40 million ransom last March as the company attempted to regain control over its network and meet the demands of a highly organised cybercrime syndicate.

The hackers had been successful in infecting CNA’s network with a type of malware known as ransomware, able to encrypt a victim’s data and enable demands to be made.

A recent security incident update inists the majority of policyholder data was unaffected by the breach, however it is believed CNA officials were left locked out of their own network and that the situation was severe enough to warrant the ransom being paid two weeks later.

According to two anonymous individuals familiar with the attack, CNA initially ignored the hackers’ demands and instead pursued options to recover their files without engaging with the criminals.

In a statement, a CNA spokesperson described the company as having followed the law, consulting and sharing intelligence about the attack and the hacker’s identity with the FBI and the Treasury Department’s Office of Foreign Assets Control, which said last year that facilitating ransom payments to hackers could pose sanctions risks.

No more than two months after CNA’s breach in March, the US’ largest fuel pipeline was forced offline by a ransomware attack, causing major disruption and a sudden hike in fuel prices.

The hack is being seen by many as one of the most significant attacks ever to successfully target critical national infrastructure. The pipeline carries 2.5 million barrels a day, or roughly 45% of the East Coast’s supply of diesel, petrol and jet fuel.

Print Friendly, PDF & Email

Recent Reinsurance News

Getting your daily reinsurance news from Reinsurance News is a simple way to receive only the reinsurance industry news that matters, delivered directly to your email inbox.

  • Only email is mandatory, but the more you tell us about yourself the better we can serve you in future!
  • This field is for validation purposes and should be left unchanged.

By submitting the form you are giving your consent to be emailed by us.

Read previous post:
IGI returns to profit as underwriting & investments improve

International General Insurance Holdings Ltd. (IGI) has reported profit of US $14.5 million for the first quarter of 2021, compared...