Insurance company CNA Financial paid perhaps one of the most expensive ransoms to date. It is the company’s desperate decision to free itself from hackers.
Forward paid by CNA Financial Insurance Company
According to Bloomberg, the American insurance company paid out $40 million in late March to regain control of its network after a two-week lockout.
To put that payment into perspective, the CEO of Colonial Pipeline said in an interview with The Wall Street Journal this week that his company paid hackers $4.4 million after a ransomware attack that led to shortages of fuel in the United States.
A company spokesperson told Bloomberg that CNA Financial is not commenting on the ransom and that CNA Financial followed all published laws, regulations and guidelines, including OFAC’s 2020 ransomware guidelines, in its handling. of the case.
Also Read: Korean Retailer ‘E-Land’ Suffers Ransomware Attack – Nearly Half of Its Operations at Risk of Shutdown!
The company fell victim to Phoenix Locker, an offshoot of Hades ransomware created by the infamous Russian cybercrime operation Evil Corp.
Some security researchers believe that Evil Corp is also behind WastedLocker, which is the malware linked to the Garmin ransomware attack of 2020.
In 2019, the US Treasury Department sanctioned the group for its activities. It is unclear whether Phoenix, the group behind the CNA Financial attack, is affiliated with Evil Corp.
Ransomware Attack Payment
Payouts for ransomware attacks are rarely disclosed. According to Palo Alto Networks, the average payment in 2020 was $312,493, and that’s a 171% increase over payments made by companies in 2019.
The $40 million payment made by CNA Financial is larger than any payments previously disclosed to hackers, The Verge reported.
Disclosure of the payment is likely to draw ire from lawmakers and regulators who are already unhappy that US companies are making large payments to hackers who over the past year have targeted hospitals, manufacturers medicines, police forces and other entities essential to public safety.
The FBI discourages organizations from paying a ransom because it encourages additional attacks and does not guarantee that data will be returned.
Ransomware is a type of malware that encrypts victim data. Cybercriminals using ransomware usually also steal data. The hackers then demand payment to unlock the files and promise not to disclose the stolen data. In recent years, hackers have targeted victims with cyber insurance policies and huge volumes of sensitive consumer data that make them more likely to pay a ransom.
Last year was a banner year for ransomware groups, with security experts and law enforcement estimating that victims paid around $350 million in ransom. Cybercriminals took advantage of the pandemic, a time when hospitals, medical companies and insurance companies were most active.
According to Bloomberg’s report, CNA Financial initially ignored the hackers’ requests while researching options to recover their files without engaging with the criminals. However, within a week, the company decided to start negotiations with the hackers, who demanded $60 million.
Payment was made a week later.
Related Article: Ransomware Attack Helps Macbook Repair Shops Recover Lost Data – How?
This article belongs to Tech Times
Written by Sophie Webster
ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.